Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In late June 2025, Arctic Wolf issued a security bulletin addressing a critical out-of-bounds read vulnerability in Citrix NetScaler ADC and Gateway that Citrix disclosed, tracked as CVE-2025-5777. This vulnerability affects NetScaler devices configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.

Last week, we hosted the Product Spotlight: Build agents in Tines, and it was a hit. We had so many questions that we couldn’t answer them all live, so we’re continuing the conversation here. Before we jump into the Q+A, here’s a quick recap of the webinar in case you missed it: In this session, Head of Product Stephen O'Brien introduced the AI Agent action and shared how it builds on our ongoing evolution of workflows.

The 2025 SANS SOC Survey reveals that while technology keeps evolving, the core problems facing SOC teams remain stubbornly in place. Teams are understaffed. Tool sprawl is growing. And performance metrics often miss the mark. Many SOCs lack the workflows, strategy, and staff to connect tools, streamline processes, and reduce manual work. And now they face a new challenge: making AI actually deliver value. Let’s dig into the key findings.

With the average phishing campaign now harvesting its first set of credentials in under 15 minutes , the efficacy of a detection strategy is measured in seconds, not hours.. Relying on scanning and takedown or traditional threat intelligence feeds – that inherently lag behind real-time user engagement – is no longer a viable defense against even unsophisticated credential theft and account takeover (ATO) scams.

The National Institute of Standards and Technology (NIST) has unveiled a new metric that promises to revolutionize the way vulnerability management is prioritized. Likely Exploited Vulnerabilities (LEV) is a ranking designed to help organizations focus their efforts on the flaws that cybercriminals are actively using to perpetrate real-world attacks. Thousands of vulnerabilities are reported every year but only a small fraction is exploited in the wild.

CPS 234 and ISO 27001 are two industry-accepted standards that help protect organisations from cyber attacks—one of the biggest threats and concerns Australian organisations experienced in 2024. The standards can be said to share the same end goal—increasing cyber resilience while helping manage information security more effectively. ‍ Despite this shared goal, CPS 234 and ISO 27001 come with notable differences.