Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Short-lived credentials reduce exposure – but they aren’t secure by default. Here’s what ephemeral identity gets right, and where it can fail.

Over the last two years, various systems and applications have been integrated with generative artificial intelligence (gen AI) capabilities, turning regular applications into gen-AI powered applications. In addition, retrieval augmented generation (RAG)-which is the process of connecting gen-AI and large language models (LLMs) to external knowledge sources-and other agents have been incorporated into such systems, making them more effective, accurate, and updated.

Understanding the current landscape of insider threats in cybersecurity is essential for any organization aiming to strengthen its security posture. As the nature of internal risks evolves, tracking the latest trends empowers security leaders to make smarter, more proactive decisions. In this article, we break down the latest research, share expert insights, and highlight real-world incidents to help you assess your organization’s vulnerabilities and refine your insider threat management strategy.

AI agents are on the rise. They can spin up, act independently, use tools, and make decisions—often without real-time human oversight. They promise incredible productivity but also introduce new risks and challenges that can’t be ignored. As these agents become more autonomous and integrated into enterprise operations, they blur the lines between human and machine responsibilities. This raises critical questions: How do we ensure they act ethically?

Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report from LevelBlue. Business email compromise (BEC) remains the most common method for initial access, but non-BEC tactics rose by 214%. The researchers observed a major surge in social engineering attacks, driven by the recent popularity of the ClickFix tactic.

In today's world, cyberattacks are a constant threat. While technical defenses are crucial, people often remain the easiest attack vector for cybercriminals. To gauge the resilience of French employees against cyberattacks, we looked at the impact of security awareness training (SAT) and phishing simulations in strengthening their defenses. Our latest report, "Go Phish: How Susceptible Are French Employees To Malicious Attacks?", aims to provide some insight.

Most MSPs think they’re ready. They have backups. Maybe cloud syncs. Some monitoring. No major restore incidents… yet. But here’s the reality: MSPs don’t lose clients over support delays or feature gaps. They lose them when recovery fails silently, unexpectedly, and publicly.

On August 5, 2025, Trend Micro released a short-term mitigation tool addressing two critical command injection vulnerabilities (CVE-2025-54948 and CVE-2025-54987) in Apex One. These flaws affect the on-premise Apex One Management Console and have been exploited in the wild. Both stem from a command injection issue that allows unauthenticated, remote threat actors to execute arbitrary code on vulnerable systems. While the vulnerabilities are similar, they differ based on the targeted CPU architectures.

Today, Snyk is launching a powerful enhancement to our API discovery capabilities through a strategic partnership with Akamai. This integration is designed to solve one of the most significant challenges in modern application security: the difficulty of providing API schemas for DAST scanning. By directly ingesting API inventories and their corresponding schemas from Akamai, we are transforming a difficult manual process into a seamless, automated workflow within the Snyk platform.

Today, businesses must rethink GRC (Governance, Risk, and Compliance) to stay ahead of the game. With a proactive approach, GRC isn’t a cost center; it’s a strategy to streamline innovation at scale. We’ll discuss how to build your foundation for GRC with a proactive stance, helping you grow and protect your business.