Twenty-five years ago, we set out to tackle one of the most challenging problems in identity security: Securing privileged access. Today, CyberArk takes another giant step forward, extending our leading identity security to the rapidly evolving challenge of securing AI agents. And this is no small undertaking. Due to their autonomous mandate, AI agents are growing to be among the most privileged machine identities that enterprises have ever seen.

Data and proactive insights garnered therein are vital strategic assets in the modern digital era. Amidst this backdrop, global regulations notably starting with the European Union (EU) Global Data Protection Regulation (GDPR) have become the vanguard to: It’s important to note too, that data sovereignty enables individual ownership of data and supports individuals to fully control how it is used while assuring that their data is protected in compliance with local regulations.

On March 25, 2025, NIST released the initial public draft of NIST SP 800-228, "Guidelines for API Protection for Cloud-Native Systems." The document provides a comprehensive framework for securing APIs in cloud-enabled environments. However, for organizations looking to align with these objectives, the tooling requirements may seem initially overwhelming. Fortunately, Wallarm helps streamline the process by integrating many of these recommendations into a single, cloud-native solution.

New cyber threats emerge daily, demanding constant attention. Security isn't something you do once and forget about! According to IBM, the average cost of a data breach in 2024 was $4.88 million, a 10% increase from the previous year. That’s why it's crucial to integrate regular mobile app security audits into your strategy. Think of it as a health check-up for your app – catching problems before they become nightmares.

Arctic Wolf has observed an uptick in activity from the Silent Ransom Group, a cybercriminal group first identified in 2020 and notorious for its targeted cyber extortion campaigns driven by financial gain. This week, the group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue.

Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security team has identified a major spike in SVG image-based attacks, where harmless-looking graphics are being used to hide dangerous links. This blog post analyzes the various techniques cybercriminals are using to cleverly weaponize these image files in phishing attacks and what your organization can do to prevent these pixel-perfect tricks.