Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Inside the Botnet Economy: Building, Selling, and Using Compromised Devices for Cyberfraud at Scale

Botnets have become a core part of the infrastructure in today’s cybercrime ecosystem — not just as enablers of disruption, but as purpose-built networks engineered for profit, stealth, and scalability. Built from large networks of compromised devices and rented out via criminal marketplaces, botnets are now essential as-a-service components of any cyberfraudster’s toolkit. While the concept of a botnet is not new, their construction, use cases, and value have certainly advanced.

Open Chroma Databases: A New Attack Surface for AI Apps

Chroma is an open-source vector store (a database designed to allow LLM chatbots to search for relevant information when answering a user’s question) and one of many technologies that have seen adoption grow with the recent AI boom. Like many databases, Chroma can be configured by end users to lack authentication and authorization mechanisms.

Service Account Security: 5 Essential Rules Every Organization Must Follow

While organizations pay close attention to securing regular human accounts, service accounts often lack proper oversight. Yet their high level of access makes them a prime target for attackers seeking entry points into an organization’s network. In this article, we examine the core reasons service accounts may undermine organizational cybersecurity and outline five essential rules to help you secure your service accounts.

How Safe is the ChatGPT Android App? An Appknox Study

Brilliant AI, broken defenses? AI-powered apps are revolutionizing how we search, learn, and communicate, but the rapid pace of innovation has come at a cost: security is often an afterthought. As part of our AI App Security Analysis Series, we’ve been scrutinizing some of the most popular AI tools on Android for hidden vulnerabilities that could put millions of users at risk.

The future of identity governance: fast, secure, and scalable

If the mere mention of identity governance and administration (IGA) stresses you out, you’re in good company. Managing digital identities and access privileges is a significant challenge that only grows more difficult as cloud adoption accelerates, and environments and threats become increasingly complex. Today, many organizations struggle to support the three key IGA business drivers: compliance, lifecycle management, and security.

EP 9 - J&J's former CISO on trust, identity, and the future of cybersecurity

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.

Strategic Signals from Money20/20: Digital Identity, Stablecoins, Open Banking

At this year’s Money20/20 Europe, the focus was clear and pragmatic. Three themes came through consistently: digital identity, stablecoins, and open banking. Each reflects a broader shift underway. Institutions are moving from exploration to implementation. Regulatory frameworks are taking shape. Infrastructure is evolving to meet new demands. These priorities emerged across our discussions with partners, customers, and colleagues—and signal where the market is heading.

Firewalls and VPNs in the Line of Fire: How Exploits Are Evolving

Over the past year, cybercriminal activity has shifted toward exploiting vulnerabilities found in company perimeters and infrastructure systems. Attacks are also being carried out within shorter and shorter timeframes. According to data from Google Threat Intelligence Group (GTIG) in 2024, 44% of zero-day attacks affected enterprise-focused technologies, compared to 37% in 2023.

Arctic Wolf Observes Organizations Receiving Unsolicited Microsoft MFA Messages

Arctic Wolf has recently observed customers receiving unsolicited Microsoft multi-factor authentication (MFA) text messages. These messages originate from legitimate Microsoft short code numbers; however, the source and intent have not been confirmed. This issue appears widespread, affecting organizations across multiple industry verticals. It is currently unclear whether this activity is due to a systemic issue on Microsoft’s side or part of a malicious campaign.