Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

EIP-7702 comes with a lot of promise for better UX, better onboarding, retail adoption, cheaper wallet operations and many more great features. The hype is real and is justified. However, it does come with a tradeoff between new capabilities and risk. The recent ByBit hack showed the consequences of inadvertently delegating control to a malicious actor.

Adversaries don’t need to force their way in when they can slip through an organization’s overlooked assets. Subdomain takeovers are a prime example of how attackers exploit misconfigured or abandoned DNS records to gain access, launch phishing campaigns, distribute malware, or take other malicious actions — all while operating under the guise of a legitimate corporate domain.

CrowdStrike Incident Response (IR) services sees firsthand why organizations facing today’s evolving threat landscape require advanced capabilities to detect, respond, and remediate cyberattacks in near real time. These observations continue to shape our approach to delivering unparalleled incident response.

Artificial intelligence (AI) and generative AI (GenAI) are rapidly transforming the public sector, moving beyond theoretical possibilities to real-world applications. Proper data preparedness, stewardship, and governance will play critical roles in successful GenAI implementations. We recently hosted a webinar, Public sector data stewardship for the AI era, with industry experts Max Klaps, research director at IDC, and Dave Erickson, distinguished architect at Elastic.

Not all network traffic is what it seems. Some flows conceal secrets, quietly exfiltrating sensitive data beyond your defenses. MITRE ATT&CK T1048 - Exfiltration Over Alternative Protocol is a stealth technique adversaries use to smuggle data out of your environment by bypassing traditional security controls.

The KnowBe4 Threat Research team has observed a sustained increase in the use of Scalable Vector Graphics (SVG) files to obfuscate malicious payloads. SVGs are vector based, rather than pixel-based like PNGs and JPGs. This means the graphic elements can be scaled up without loss of quality - making them perfect for sharing graphics, such as logos and icons, via email.

Artificial Intelligence (AI) is no longer just a tool—it is a game changer in our lives, our work as well as in both cybersecurity and cybercrime. While organizations leverage AI to enhance defences, cybercriminals are weaponizing AI to make these attacks more scalable and convincing .

Microsoft warns that a widespread malvertising campaign hit nearly one million devices around the world. The campaign, which began on illegal streaming sites, impacted both consumer and enterprise devices across a wide range of industries. “Analysis of the redirector chain determined the attack likely originated from illegal streaming websites where users can watch pirated videos,” Microsoft says.

Cybersecurity has advanced beyond the reliance on firewalls and antivirus software. As cyber threats become more sophisticated and unpredictable, traditional security tools alone are no longer enough. Modern attacks exploit unknown, unmanaged, and overlooked assets, making Attack Surface Management (ASM) essential for a proactive and comprehensive defense.

Sysdig’s 2025 Cloud-Native Security and Usage Report identifies promising trends in how organizations are developing, using, and maintaining everything within their cloud environments. The eighth annual report shares the results of an analysis of millions of containers and cloud accounts. This year’s findings reveal several key areas that have improved, including cloud threat detection and response, AI security, and vulnerability management.