Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every time a developer hits “commit,” the global software ecosystem takes a collective breath. Why? Because in today’s fast-paced development cycle, the sheer volume of code changes—and the 1.2% of commits estimated to introduce a bug—means that tens of thousands of new vulnerabilities emerge every single year. Security teams are in a relentless, exhausting race against time, trying to find and fix flaws before malicious actors do.

As retailers gear up for the year’s biggest sales, cybercriminals are preparing for their own “Black Friday rush.” They’re not after TVs, they’re after data. Last year, phishing surged more than 600%1 during Black Friday week and ransomware attacks rose nearly 60%2.

Discover what’s changed in the OWASP 2025 Top 10 and how GitGuardian helps you mitigate risks like broken access control and software supply chain failures.

Nov 20, 2025 UK Cyber Security Bill: A Mandate for Resilience Read More Natalie Tischler Nov 18, 2025 GPT‑5 Pulls Ahead on Secure Code While Rivals Stall Read More Natalie Tischler Nov 12, 2025 Beyond Your Code: A Guide to Software Supply Chain Risk Management Read More Natalie Tischler.

Nowadays, identity theft has become one of the fastest-growing cybercrimes. In 2024, the United States' Federal Trade Commission received over 1.1 million identity theft reports¹, which is an increase of about 9.5% compared to 2023. What's even more disturbing is the fact that more than 47% of the Americans have their personal info exposed². Sometimes one mistaken click or download is all it takes to turn your life upside down.

While it shares a name with a popular cartoon character, there’s nothing cute about this DORA. The Digital Operational Resilience Act (DORA) has financial entitles and their service providers scrambling to meet DORA requirements or face fines and penalties. DORA is a cornerstone of the European Union's strategy to strengthen the financial sector against risks related to information and communications technology (ICT), although it has global implications that reach far beyond Europe.

Cybersecurity is a business-critical issue. Insider risk is now one of the fastest-growing threats to operational continuity, financial stability, and reputation. As hybrid work expands and regulations tighten, insider risk oversight is a board-level responsibility.

(Nov 24, 2025) JFrog continues to track, provide research and document another wave of the Shai-Hulud Software Supply Chain Attack which was originally reported by the JFrog Security Research team on 16-Sep-2025. Following the initial campaign, threat actors have returned with more advanced tactics, compromising an additional 796 new malicious packages across leading public registries.

Data governance and protection are crucial in safeguarding sensitive information. Proper classification and data labeling are essential to ensure that the right people access the right information. Failure to implement these practices can result in data breaches, financial losses, and reputational harm. To help with this, Microsoft offers sensitivity labels that classify and protect data as part of the compliance and security capabilities of Microsoft Purview Information Protection in Microsoft 365.