Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest ransomware players and tactics, new insights on stolen passwords, and two attacks involving O365.

As adults, we rarely question the safety of the medicine we consume. This confidence stems from knowing that these products undergo rigorous, independent testing before reaching pharmacy shelves. Security solutions, especially those critical to enterprise operations, deserve the same level of scrutiny. Before trusting a platform to safeguard our data and systems, it’s essential to verify that it can counter the sophisticated threats we face today.

With a high-stakes battle between OpenAI and its alleged Chinese rival, DeepSeek, API security was catapulted to priority number one in the AI community today. According to multiple reports, OpenAI and Microsoft have been investigating whether DeepSeek improperly used OpenAI’s API to train its own AI models.

Corporations need more advanced systems and approaches in place in order to deal with the increasing complexity of cyberattacks. This need for appropriate measures has given rise to a set of practices alongside the Managed Detection and Response (MDR) cybersecurity framework. With the help of ongoing threat hunt, continuous monitoring, and quick incident reactions, hackers are always a step or two behind a firm that uses MDR services.

Following the emergence of data-leak sites (DLSs) for extortion group’s Morpheus and GD LockerSec in January 2025, Cyjax has discovered a DLS which claims that the infamous Babuk ransomware group has returned. Read on to find out what we know so far.

This report will provide an overview of the various extortion groups, hacktivists, and initial access brokers (IABs) targeting the Middle East throughout 2024 and highlight the relevant observed trends. Specifically, this report will look at incidents affecting Egypt, Iran, Iraq, Saudi Arabia, Yemen, Syria, Jordan, United Arab Emirates, Israel, Lebanon, Oman, Kuwait, Qatar, and Bahrain.

Trust is the cornerstone of the hospitality industry. Guests rely on you to safeguard their personal data, payment information, and loyalty rewards. However, in today's digital landscape, this trust faces constant risks. APIs, which serve as the unseen connections among various systems and applications, are particularly vulnerable to cyber threats. A single flaw can compromise sensitive data and cripple your brand’s reputation.

Most fresh installs of operating systems or applications come with preconfigured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any baselines to become better aligned with the policies your organization is trying to adhere to.

PowerSchool was founded in 1997 and is known for its expertise in providing cutting-edge education technology within the education community. It currently serves over 60 million students globally. The company has a robust intelligent system tailored to meet each student’s individual needs and serves educators in over 90 countries globally, including the United States. PowerSchool has its headquarters in Folsom.

Here's a closer look at one such advanced malware employed with tools by Black Basta—to name a few, Zbot, DarkGate, and customer-designed payloads on order as well—and how these latter help in extracting data coupled with sustaining unauthorized access at some distance. Introduction.