Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI dominated headlines this year and threat actor groups made bold moves in 2025. From threat actors like Imperial Kitten and scammers using tools like Sora AI to mimc real human voices to Congressional action on the PILLAR act and a $50 billion rural healthcare investment from the U.S. government, there are a lot of moments this year that make up Cyber Santa's Naughty and Nice List for 2025.

In this clip from This Week in NET, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess game running inside ChatGPT, built with the Agents SDK and Cloudflare Workers. Beyond the demo, we talk about what developers can build today with AI agents — and why, given the pace of innovation, it’s genuinely hard to predict what applications and experiences will emerge in 2026.

Optimism and pessimism are described as two sides of the same insanity, while real security work is grounded in facts and risk. Security professionals are often labelled pessimistic for focusing on problems, yet this mindset protects systems by facing threats without sugar coating or denial.

Different viewpoints and psychological safety improve both problem solving and emotional support in security teams. The clip highlights how rushing to fix other people’s struggles can backfire, and shows why listening without assuming you know the solution is often the most effective response.

This tutorial demonstrates how to set up the Google Drive Integration for monday.com, enabling seamless access to your Google Drive files directly within monday.com. With this app, you can view, search, and manage your Drive files without leaving your monday.com workspace. Experience smooth 2-way synchronization between Google Drive and monday.com for better collaboration and file management. With the monday.com Google Drive Integration, you can.

Are agentic AI threats just hype or reality? Security Visionaries host Max Havey digs into the world of agentic AI-enabled threats and cyber espionage with guests Neil Thacker, Global Privacy and Data Protection Officer at Netskope, and Ray Canzanese, Head of Netskope Threat Labs. IN THIS EPISODE.

About Indusface: Indusface is a leading application security SaaS company, securing over 6,500 customers across 95 countries with its award-winning platform. Backed by leading institutional investors, Indusface is a category leader in cloud WAAP, with repeated recognition from top analysts and industry platforms including Gartner, Forrester, GigaOm, and G2. The industry's only AI-powered, all-in-one AppSec platform helps businesses discover, detect, remediate, and protect web applications and APIs at internet scale, backed by a 100% uptime guarantee.

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

AI assistants with broad enterprise access are creating a new attack vector. Chris Luft and Matt Bromiley discuss the Gemini Jack vulnerability, where attackers used prompt injection to turn Google's AI assistant into an unwitting accomplice in data exfiltration. The attack embedded hidden instructions in documents or emails. When employees asked Gemini normal questions like "show me our budgets," the AI retrieved the poisoned document and executed the attacker's commands without anyone clicking anything.

Detection is information; Blocking is mitigation. For Business Logic Abuse, simple detection alerts are not enough. Your tools must be able to actively block those manipulative, stateful attacks in real-time. Furthermore: Stop "one-and-done" security testing! You must continuously tune your testing by adopting an adversary's perspective. Tune your defense as constantly as attackers tune their exploits.