Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Change is coming Some people don’t like change. Change is inevitable. And sometimes, change can be a good thing too. A while back we took our old phpBB2 forum offline (Find out why – here). As expected, that decision prompted a range of reactions and some understandable concerns from members of the community. The reasons behind that choice, including why we knew it would not work for everyone, are set out in the original post and remain unchanged.

It’s been a big month at ARMO – we shipped several powerful new capabilities to help you get more visibility, move faster, and stay ahead of real threats. Here’s what’s new.

At Tines, we recently faced a significant engineering challenge: our output_payloads table in PostgreSQL was rapidly approaching 17TB on our largest cloud cluster, with no signs of slowing down. Once a table reaches PostgreSQL’s 32TB table size limit, it will stop accepting writes. This table holds event data, in the form of arbitrary JSON, which is critical to powering Tines workflows. Given the criticality of the data, we couldn’t risk any disruptions to it.

With hyper-distributed workloads and machine-speed threats, the traditional strategy of "securing the perimeter" as a tactic for server and virtual machine (VM) has become obsolete. Today, security must be integrated directly into the workload itself.

The global economy is shifting toward total automation. Almost every industry is moving from manual work to automatic or semi-automatic workflows that act proactively or respond on their own, deliver results faster and operate with minimal human intervention. MSPs should be at the center of this transformation. This is the beginning of the autonomous MSP era – service providers that deliver reliable, scalable operations with minimal manual work, very high productivity and consistent quality.

In cybersecurity, an inaccessible tool isn’t just a nuisance: it’s a vulnerability. With the European Accessibility Act tightening regulations across Sweden and the EU, “good enough” design is now a legal and security risk. At Detectify, we’re rebuilding our front-end from the ground up to eliminate any “usability tax” that could lead to missed alerts.

Scammers stole an estimated $17 billion worth of cryptocurrency in 2025, according to a new report from Chainalysis. Notably, the report found that AI-assisted scams stole 4.5 times more money than scams that didn’t leverage AI. “Our analysis reveals that, on average, scams with on-chain links to AI vendors extract $3.2 million per operation compared to $719,000 for those without an on-chain link — 4.5 times more revenue per scam,” the researchers write.

When it comes to disaster recovery and backup plans, understanding the RPO and RTO is crucial as these two critical metrics help signal the level of your overall data security. In short, Recovery Time Objective (RTO) and Recovery Point Objective (RPO) play a critical role in determining how quickly and effectively an organization can bounce back from an IT disaster, safeguarding business continuity, and minimizing potential data and financial losses.

Healthcare remains the most targeted sector for ransomware attacks, with 238 ransomware incidents reported to the FBI in 2024 alone. The Change Healthcare attack demonstrated the cascading impact a single breach can have across the entire healthcare ecosystem, affecting payment processing for providers nationwide and ultimately compromising data on an estimated 190 million individuals.

Model Context Protocol (MCP) servers facilitate the integration of third-party services with AI applications, but these benefits come with significant risks. If a trusted MCP server is hijacked or spoofed by an attacker, it becomes a dangerous vector for prompt injection and other malicious activities. One way attackers infiltrate software supply chains is through brand impersonation, also known as typosquatting—creating malicious resources that closely resemble trusted ones.