Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most SOC teams don’t struggle with what they need to automate — they struggle with where to start. Between complex playbooks, brittle integrations, and the fear of breaking something in production, security orchestration, automation, and response (SOAR) often feels harder to adopt than it should be.

Dark web marketplaces continue to fuel cybercrime in 2026. This blog explores emerging trends, what threat actors are trading, and why dark web monitoring is essential for organisations.

Cato CTRL has identified a previously undocumented malware loader we track as “Foxveil.” We observed evidence that the malware campaign has been active since August 2025, and we observed two distinct variants (v1 and v2). Foxveil behaves like a modern initial-stage loader: it establishes an initial foothold, frustrates analysis, and retrieves next-stage payloads from threat actor-controlled staging hosted on Cloudflare Pages, Netlify, and, in some cases, Discord attachments.

It’s an unusually cold winter morning in Houston, and Craig Riddell is settling into his new role as Wallarm’s Global Field CISO. It’s a position that suits him down to the ground, blending technical depth, empathy, business acumen, and, what Craig believes, the most underrated skill in cybersecurity: curiosity. Like so many of us, Craig got into cybersecurity by accident. He first learned Unix under the guidance of a mentor while transitioning out of the military.

Today we're announcing our $50 million Series C, led by Insight Partners with participation from Quadrille Capital and our existing investors. But this isn't a story about funding.

Security teams need clear signals, fast investigations and enablement that fits into existing workflows. The latest CyCognito updates focus on improving posture visibility, expanding user learning in-app, and streamlining asset and issue review. Recent enhancements include a new beta Homepage, CyCognito Academy, list view improvements and expanded notification controls.

Chief Information Security Officers are realizing, in greater numbers than ever before, that cybersecurity can no longer be viewed as a siloed technical function but instead as a core enabler of business growth, innovation, and AI adoption, according to LevelBlue’s latest Persona Spotlight: CISO.

Today, we announced our Series C funding. I want to start by saying thank you to Delta-v Capital and Arthur Ventures for their partnership and conviction in what we’re building. We’re grateful for their support and for the trust they’ve placed in our team. They didn’t invest because Nucleus tells a good story.

Defense evasion is one of the main reasons cyberattacks go undetected for days or weeks. Attackers avoid breaking systems now. They prefer to hide inside them. For that, they use defense evasion techniques that allow them to blend into normal activity and avoid alerts. Tools like EDR and SIEM can detect parts of an attack, but cannot provide the complete picture. This creates detection blind spots. Teams also face alert fatigue, which prevents them from recognizing real threats.

Preemptive cybersecurity defense refers to the ability to detect and disrupt fraud and account takeover attempts before credentials are misused and damage occurs. According to a 2026 analyst brief from Frost & Sullivan, most enterprise fraud and cybersecurity controls still activate too late in the attack lifecycle to prevent loss.