Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI is a part of just about every organization—whether you're deploying AI, leveraging vendors who use it, or perhaps even building a model yourself. With AI moving faster than the pace of regulation, it’s natural for concerns around AI security and responsible usage to be top of mind. ‍ We hear from customers and prospects often who are looking for guidance to prove and demonstrate AI compliance and best practices.

While it’s well-known that email represents a significant source of cybersecurity threats, it’s not just the text included in emails that’s worrisome; images can be malicious as well. What’s more, images in emails may also present a threat of a different kind, including data leaks and content that’s not suitable for the workplace.

Cybersecurity Insiders’ Insider Threat Report 2023 states that 74% of organizations are moderately or more vulnerable to insider threats, which demonstrates why organizations need resilient data loss prevention strategies. Your organization needs strong access controls and detailed monitoring systems to protect sensitive information effectively.

In my previous blog, I covered the essentials of data sovereignty as a data protection concern for security professionals across domains. Data protection and digital trust will be paramount in the future due to data sovereignty and regulatory compliance mandates. As the Internet of Things (IoT) expands exponentially, the resultant security and privacy risk nexus further requires a holistic approach to data protection centered on both personal and enterprise data protection strategies.

The California Consumer Privacy Act (CCPA) is the first comprehensive California data privacy law granting consumers control over how their personal information is collected, used, and shared. It was enacted in 2018 and took effect on January 1, 2020, signaling a national shift in privacy regulations. With increasing emphasis on transparency and accountability, businesses must now adhere to a new standard in consumer data protection California.

On April 24, 2025, watchTowr published technical details and a proof-of-concept (PoC) exploit for a critical vulnerability in Commvault Command Center, CVE-2025-34028, which had been disclosed earlier in April. Commvault Command Center is a web-based interface used to manage data protection, backup, and recovery operations across enterprise environments.

A new report from Valimail has found that 50% of organizations lack effective protection against email spoofing. Specifically, many organizations have lenient DMARC policies that don’t actually prevent spoofing. DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that helps prevent attackers from spoofing organizations that have the protocol in place.

Recently, I received an email at work from a company with whom I've had previous interactions. The email lacked context and contained an attachment, immediately raising suspicion. I reported it to our infosec team using the Phish Alert Button (PAB). A short while later, our team confirmed it was indeed a malicious email. Subsequently, the sender organization informed us that they had been compromised, and phishing emails had been distributed from their account.

Cloud-Native Application Protection Platforms (CNAPPs) combine tools that scan your code, check your open-source libraries, protect your cloud workloads, and monitor your cloud configurations. But CNAPPs aren’t a silver bullet. They lack external active testing and blackbox cloud asset discovery, two capabilities that can leave exploitable vulnerabilities undetected. CNAPPs depend on APIs and deployment hooks to see what’s running.

As 9 out of 10 valuable web apps are missing testing, we’re launching new capabilities to help teams know what else, beyond core applications, is likely to require in-depth testing. The new features automatically classify discovered web assets based on attacker reconnaissance techniques and deliver recommendations on where to run DAST, bridging the gap between broad and deep testing across the entire attack surface.