Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today’s man-in-the-middle (MitM) attacks go far beyond coffee-shop Wi-Fi: they target browsers, APIs, device enrollments, and DNS infrastructure. Using automated proxykits and supply-chain flaws, attackers hijack session cookies, tokens, and device credentials—turning one interception into persistent, high-value access. Concerningly, these are not edge cases.

Today’s enterprises are more fluid than ever. Employees work from personal devices, contractors join from unmanaged devices, and IT teams are expected to secure it all—without adding complexity or degrading performance. But most secure access tools were never built for this reality. The Cato Browser Extension offers a better way forward. It brings zero-trust access to unmanaged devices, BYOD, or third-party systems without installing endpoint software.

We’re excited to share new updates and enhancements for September, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

In a typical enterprise environment, NTP server configurations may differ not just between vendors, but even across OS variants within the same vendor. Ensuring that these configurations are correct and standardized is critical for time synchronization, which underpins security, logging, and automation.

The Quadient DS-700iQ is a high-volume folder-inserter machine designed for automating the process of assembling, folding, and inserting mail into envelopes for large mailing operations. It features a modular design that can handle complex mailing jobs, supports multiple feeders and enclosures, and offers integration with barcode/OMR/2D scanning for document integrity and sorting.

Most dashboards are like a busy beach with one lifeguard watching the entire shoreline. They keep an eye on everything, but the sheer scope means that critical issues—like risks in AI applications—can get lost in the crowd. Mend.io’s AI Security Dashboard changes that. It’s like a lifeguard tower posted directly at the AI section of the beach, keeping a sharp, dedicated watch on AI specific risks that other tools overlook.

Why device identity during manufacturing and onboarding is the foundation of Zero Trust security.

Tell me if you’ve heard this one before: a company audits its checkout page and discovers 47 scripts running. Only 12 were approved. The other 35? A mystery, and a risk. Nobody knows who added them or whether they’ve been compromised. That’s what we’re here to talk about today.

The threat groups Qilin and Akira together conducted about one-quarter of the 402 ransomware attacks tracked by Trustwave SpiderLabs in September, with the manufacturing and technology sectors receiving the brunt of these efforts. This information was derived from a new SpiderLabs ransomware tracking tool that gathers information from a variety of open intelligence sources and our own proprietary research.

Companies face more sophisticated, unpredictable cyber threats. Zero Day vulnerabilities are among the greatest risks, as these software flaws are unknown and exploited before a fix is available, potentially compromising thousands of organizations. Stopping zero-day attacks is a top priority for security teams, requiring faster identification, detection, and mitigation to prevent damage. But how do these attacks work, and what practices really help?