FBI Report: Attackers Are Sending Physical Packages with Malicious QR Codes

The FBI has issued an advisory warning that scammers are distributing QR code phishing (quishing) links via unsolicited packages sent by snail mail. Recipients may scan the code to find out where the package came from, which will land them on a phishing page. This is a variation of a “brushing scam,” where unscrupulous vendors send packages designed to harvest information that can be used in phony positive reviews.

Anatomy of a Vishing Scam

I hear about a ton of similar-sounding scam calls, where the scammer is pretending to be from a service you use (or used), offering you a substantial monthly discount (30% or more) if you pay some fee ahead of time. Sometimes they take the advance fee using your credit card, and sometimes they tell you that you have to get store gift cards. Who would possibly believe that a legitimate vendor would want them to pay with store gift cards? Hundreds of thousands of people.

What is a PyPI Server and How to Set it Up Securely

Shlomi Kushchi is a seasoned system architect at Jit.io, specializing in building security solutions for dev organizations. With extensive experience in cloud computing and event-driven, microservices architecture, he empowers developers to master advanced technologies. Security experts dedicated to shaping insightful editorial content, guiding developers and organizations toward secure cloud app development. Dive into a wealth of knowledge and experience in fortifying software integrity.

What's The Best Secure Cloud Storage for Law Firms?

Lawyers and law firms are slowly seeking the benefits of cloud storage to help manage client data, share files securely, and keep important data backed up. In 2024, approximately 75% of attorneys used cloud storage for work-related tasks, up 6% from 2023. So, as lawyers start to adopt cloud storage, they may be wondering what the most secure cloud storage is for law firms.

CVE-2025-54253 & CVE-2025-54254 in Adobe Experience Manager Forms - What You Must Know

Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE) is affected by two critical vulnerabilities, CVE-2025-54253 and CVE-2025-54254, disclosed in early August 2025. According to Adobe, both flaws have public proof-of-concept (PoC) exploits, though there are no known in-the-wild attacks as of today.

Apple has Officially Stopped Signing iOS 18.5 & 17.7

Apple has stopped signing iOS 18.5 following the public release of iOS 18.6 on July 29, 2025. Although this seems like a mundane decision, it has important consequences, especially for power users, developers, and security researchers. For devices running iOS 18.6, downgrading to iOS 18.5 is no longer an option, because Apple no longer signs iOS 18.5. Apple's refusal to sign older versions makes restoring, installing, or downgrading to iOS 18.5 impossible.

Meeting the AI Mandates with Confidence: Why Federal Teams Trust Snyk

Federal agencies are moving fast to unlock AI's potential—from improving citizen services to driving mission outcomes. But with all that innovation comes a new wave of complexity and risk. Security, trust, and transparency can’t be afterthoughts. They need to be part of the build and AI adoption process from day one. AI-driven development is exponentially increasing both code speed and code insecurity, as AI generates code with up to 40% more vulnerabilities than human developers.

Gartner Recognizes Appknox in 2025 Hype Cycle - What It Means for AppSec

In a year defined by AI-driven transformation, Gartner’s 2025 Hype Cycle for Application Security couldn’t have come at a better time. The report outlines a seismic shift in how security leaders approach modern threats, and we are proud to share that Appknox has been recognized as a sample vendor in this year’s edition.

The Digital Asset Network Institutions Rely On. And It's Just the Beginning

If you’ve been in digital assets long enough, you’ve felt the shift—from experimentation to execution. Banks, custodians, exchanges, and fintechs have laid the groundwork for a new financial ecosystem; one that can support the scale, compliance, and interoperability demands of global finance. But that isn’t just about where assets are stored. If you’re still treating custody as an endpoint rather than a gateway, that’s a problem.

Evolving Your DSPM Program: A Data-First Imperative

DSPM has become essential in today’s complex security landscape. This piece explores how organizations are evolving beyond basic deployment, the trends reshaping DSPM, and how Netwrix helps deliver continuous, actionable data security at scale. Data Security Posture Management (DSPM) has rapidly matured into a critical component of modern cybersecurity.