Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In late May, I wrote a blog post titled “One Year of LevelBlue: Milestones, Momentum, and a Vision for the Future.” Year one for LevelBlue was definitely a time of growth, change, and excitement! Today, I am writing to highlight LevelBlue’s continued momentum in the market through two recently announced acquisitions. On June 11, LevelBlue announced its acquisition of Aon’s Cybersecurity and IP Litigation Consulting groups, Stroz Friedberg and Elysium Digital.

In this guest post, Eric Newcomer, Principal Analyst at Intellyx, explains why data is essential for building and running effective AI workflows. In the current phase of AI transformation, everyone is discovering many applications for gen AI, especially chats with LLM trained data, public as well as private. One interesting application of AI is building modern workflows to automate operational processes.

Key takeaways Cyber threats today are anything but simple. With attackers using every trick in the book — and inventing new ones all the time — businesses need more than a one-size-fits-all approach to cybersecurity. You require diverse cybersecurity solutions to face a variety of threat vectors. These threats are diverse, evolving, and target multiple layers of your IT environment.

Artificial intelligence is no longer a distant vision—it’s a present-day force reshaping how enterprises manage, process, and secure their data. Among the most influential innovations driving this transformation is Microsoft Copilot. Marketed as an AI-powered productivity enhancer, Copilot integrates seamlessly with Microsoft 365 applications, unlocking new levels of efficiency across industries.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Another round of phishing emails due any moment then…

The tension between security teams and developers is palpable. Developers are considered impatient risk-takers, while SecOps folks are barely tolerated as a hindrance to adopting new tools and workflows. Weekly sprints, tight deadlines, and looming security threats (especially in the GenAI and vibe coding era) exacerbate this tension.

The move to remove PowerShell 2.0 from Windows 11 is strategic and long overdue. Microsoft is making this move to embrace modern, secure, and efficient system tools. PowerShell 2.0 has many inherent security issues tied to the deprecated framework and its reliance on deprecated encryption & validation protocols.

You are the CISO of a mid-sized enterprise that is experiencing rapid growth, i.e., your security stack is becoming increasingly complex by the month, compliance auditors are asking more challenging questions, and your board wants measurable proof that security investments are actually reducing risk. Meanwhile, attack vectors are evolving daily, and your current risk assessments consistently lag behind.

Laravel APP_KEY leaks enable RCE via deserialization attacks. Collaboration with Synacktiv scaled findings to 600 vulnerable applications using 260K exposed keys from GitHub. Analysis reveals 35% of exposures coincide with other critical secrets including database, cloud tokens, and API credentials.

Cyberattacks on supply chains in 2025 have become more frequent and severe, moving from isolated incidents to major multi-sector crises. These crises involve data theft in software patches, ransomware disrupting food, pharmaceutical, and financial pipelines. As attackers target vendors as entry points, defensive measures must adapt. This includes enhanced vendor vetting, code provenance controls, firmware security, and robust third-party risk response.