What you need to know about the Krispy Kreme Data Breach

The popular doughnut and coffeehouse chain Krispy Kreme was established in 1937 in Winston-Salem, North Carolina. It has grown over the years and currently operates 1,500 shops and 17,900 points of access in 40 nations. Krispy Kreme has a workforce of more than 22,800 workers worldwide. It recently adopted a digital transformation initiative, which included online ordering modes for better operational efficiency.

Automation and AI in Cybersecurity: $2.22 Million in Savings

Over 2024, the average global cost of a data breach reached $4.88 million. This is 10% up from the previous year and the highest amount to date. These figures, published in the Cost of Data Breach Report 2024, also reveal that companies implementing artificial intelligence and automation in their cybersecurity strategies saved an average of $2.22 million compared to businesses that did not adopt them.

How to Prevent Phishing and Account Takeover from DNS Cache Poisoning in Real Time

For security teams, it’s no great revelation to say that DNS cache poisoning prevention is essential for guarding against attacks using that vector. But it’s easier said than done. While traditional network-layer defenses like DNSSEC reduce poisoning risk, they can’t fully prevent it. Downstream – after redirection – bad actors await, ready to harvest credentials, bypass MFA, and take over accounts.

What Every CISO Needs to Know About HIPAA and Online Tracking Technologies in 2025

In 2025, HIPAA enforcement has expanded beyond internal systems and EHRs to include what happens in users’ browsers. That means even seemingly harmless scripts — like ad pixels or analytics tags — can expose protected health information (PHI).

What To Know About the Aflac Cyber Attack

Aflac, one of the largest American insurance companies, reported that cybercriminals breached its systems on June 20, 2025. Suspicious activity first occurred on Aflac’s U.S. network on June 12, and Aflac initiated its incident response plan to contain the spread of the cyber attack within several hours. At the time of this writing, Aflac’s investigation is still in the early stages, and the insurance giant hasn’t reported on how many of its customers were affected.

Securing the Future of Generative AI: Why Security Can't Keep Pace with Innovation

By James Rees, MD, Razorthorn Security The artificial intelligence revolution isn’t coming. It’s here and it’s moving faster than anyone predicted. Children now trust ChatGPT more than their parents for information. AI-generated content is becoming indistinguishable from human work. Entire industries are being reshaped by technology that seemed like science fiction just a few years ago.

A 101 Guide to GDPR Vulnerability Assessment

The GDPR has compelled a shift in how companies manage personal data. At the heart of GDPR is the requirement to safeguard customer data from unauthorized access, loss, or alteration. GDPR vulnerability assessment is a basic requirement, whether you’re based in the EU or not. If you process the data of EU residents, this assessment isn’t optional.

Shift Security Left! Integrate Security Early in Your SDLC! #cybersecurity #securityteam

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Vulnerability Management Metrics and KPIs: What to Track and Why It Matters

Vulnerability management is not just about spotting weaknesses. It is about fixing them effectively and staying ahead of attackers. And the urgency has never been clearer: the 2025 Verizon DBIR shows a 34% increase in attackers exploiting vulnerabilities to gain initial access and cause breaches compared to last year’s report. So, how can you be sure you are on the right track? Are you reducing risk efficiently? Are critical vulnerabilities being remediated before they are exploited?