Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI red teaming is the process of simulating adversarial behavior to test the safety, security, and robustness of artificial intelligence systems. It draws inspiration from traditional cybersecurity red teaming (where ethical hackers emulate real attackers to expose flaws) but applies that mindset to machine learning models, data pipelines, and the broader AI stack.

This blog has been adapted from a section of 1Password’s ebook: Why SSO is not enough for identity security. To read the complete ebook, click here. Single sign-on (SSO) solutions are designed to manage and secure access to SaaS applications. By integrating with a company’s identity provider (IdP), SSO allows teams to authenticate an identity to multiple applications via a single log-in.

Accounts receivable (AR) underpayments can throw a wrench into financial management. Whether due to client misunderstandings, billing discrepancies, or simple rounding errors, these issues can complicate record-keeping, delay account reconciliation, and eat into your organization’s bottom line. Effectively managing AR underpayments is essential, ensuring both financial accuracy and a smoother billing process.

May 2025 marked one of the most active months for reported healthcare breaches in the United States. The HHS OCR Breach Portal documented 74 breach incidents involving more than 4.2 million individuals. This represents a 23% increase in affected records compared to April 2025. This month’s spike reveals a troubling trend: healthcare organizations are facing intensified cyber threats with limited improvements in prevention.

The use of artificial intelligence in cyberattacks is now a growing concern. From the automated creation of malware to more sophisticated phishing campaigns, AI’s ability to enhance the scale and effectiveness of threats has become a cause for alarm. However, Version’s 2024 Data Breach Investigations Report (DBIR) states that only 2% of analyzed data breaches directly involved the use of this technology.

In the ever-vigilant effort to secure the open-source ecosystem, Veracode’s continuous monitoring systems recently flagged a pair of npm malware packages—solders and @mediawave/lib. The malicious behavior, however, is not at all obvious at first because of a layer of unusual Unicode obfuscation that caught our attention. Our investigation focused on the solders package, which leverages a common yet critical attack vector: a postinstall script in its package.json.

Sometimes preparing dinner can be a complicated task. You’re juggling a stir-fry, boiling pasta, prepping a salad, and all you want is to say “Chop the onions” and have it done. No switching between tasks, no looking up steps. Just state the intent, and it’s executed. We wanted that same level of simplicity when interacting with our environment, including sites, users, topology, and real-time data. That led us to build Cato’s Model Context Protocol (MCP) Server.

MainStreet is a community-oriented bank in Fairfax, Virginia. Established in 2004, it is under the MainStreet Bancshares Incorporated, a small-cap financial holding organization. The financial institution follows a “branch-lite” model with six physical locations, though it offers significant banking services like mobile and online banking.

Swiss-owned luxury jeweler, Cartier, has had its website hacked and customer data compromised in the incident. Cartier, a subsidiary of Richemont, produces some of the world's finest watches, bracelets, and necklaces, which have been worn by Michelle Obama, Taylor Swift, and Angelina Jolie.

Apex predators in cybersecurity are the top-tier threat actors that most security teams never see coming. These aren’t script kiddies or opportunistic ransomware groups. We’re talking about nation-state APTs, elite criminal syndicates, and sophisticated actors with unlimited budgets and custom toolkits.