Stablecoins in Banking: Strategic Insights from the 2025 Survey

The strategic conversation around stablecoins has moved beyond innovation labs and pilot programs. It’s now a focus in executive leadership meetings and shareholder reports. In June, Bank of America’s CEO highlighted stablecoins as a potential new form of transaction account, one the industry must be ready for. SMBC has signed a multi-party MOU to explore wholesale stablecoin infrastructure.

2025 Gartner SRM Summit: From Gatekeeper to Enabler. How Security Leaders Can Embrace AI Agents with Confidence

The 2025 Gartner Security & Risk Management Summit was a wake-up call, and an opportunity, for anyone responsible for securing the future of AI. With over 1,700 AI use cases now reported across federal agencies and enterprise adoption growing at a breakneck pace, the message was clear: AI is no longer on the horizon. It’s here, it’s active, and it needs securing.

CrowdStrike Researchers Investigate the Threat of Patchless AMSI Bypass Attacks

Microsoft introduced AMSI (Antimalware Scan Interface) with Windows 10 in 2015. This interface standard allows third-party security products to be integrated with applications running on a Windows PC to improve detections for fileless and script-based attacks. Naturally, adversaries immediately began efforts to defeat AMSI.

KnowBe4 Collaborates with Microsoft: Strengthening Email Security Through Strategic Integration

In today's rapidly evolving threat landscape, cybercriminals are becoming increasingly sophisticated in their attack methodologies, particularly when it comes to email-based threats. Organizations worldwide are recognizing that a single-vendor approach to security, while valuable, may not provide the comprehensive protection needed to defend against the full spectrum of modern cyber threats.

Your Code Might Be Using Risky AI Models

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

All SSO security is not created equally

This blog has been adapted from a section of 1Password’s ebook: Why SSO is not enough for identity security. To read the complete ebook, click here. Single sign-on (SSO) solutions integrate with a company’s identity provider (IdP) to allow users to authenticate to multiple applications via a single log-in. By reducing the number of access points and employee credentials, SSO reduces a company’s attack surface.

ISO 27001 beyond IT: Building a culture of security across the enterprise

The digital era has spurred organizations to rethink how they protect sensitive data, necessitating a robust and holistic approach to security. Although ISO 27001 is widely recognized as a framework for managing IT security, forward-thinking leaders are discovering that its principles can be extended far beyond IT departments.

Planning for a Post-quantum World, Now!

One of the primary concerns occupying future-gazers within the technology industry is the impact that quantum advances will have upon established encryption methods. Quantum computing is advancing at pace, and alongside the enthusiasm for what that will enable is a practical concern for the way quantum processing might render some of today’s security approaches ineffective.

Cost Insights. Enhanced Alerts. Smarter Security. And More. Meet CurrentWare v11.0.1.

Modern workplaces need monitoring software that goes beyond activity reports - tools that optimize tech spend, strengthen security posture, and drive smarter outcomes. CurrentWare v11.0.1 is built to do exactly that. Whether you’re trying to cut costs, prove compliance, or prevent internal threats before they escalate, this update arms you with the tools to act faster and smarter. Ready to see how? Let's dive in. Unused software isn't just sitting idle; it's silently draining your budget.

Pre-Authenticated RCE Chain Disclosed in Sitecore XP

On June 17, 2025, watchTowr disclosed technical details for a pre-authenticated remote code execution (RCE) exploit chain in Sitecore Experience Platform (XP), an enterprise content management system. Although Sitecore released a fix for these vulnerabilities in May 2025, no official CVE identifiers have been assigned at this time. The three vulnerabilities are currently tracked as WT-2025-0024, WT-2025-0025, and WT-2025-0032 by watchTowr and impact Sitecore XP versions 10.1 through 10.4.