On February 12, 2025, Netskope Threat Labs reported a widespread phishing campaign using fake CAPTCHA images via Webflow CDN to trick victims searching for PDF documents on search engines. These PDF files lead to phishing sites designed to pilfer victims’ credit card and personal information. As we hunted for similar phishing campaigns, we discovered many more phishing PDF files with fake CAPTCHAs distributed across multiple domains.

Struggling with vault sprawl and NHI secrets? GitGuardian’s new HashiCorp Vault integration helps cybersecurity teams centralize secrets management, reduce blind spots, and strengthen security for today’s intricate infrastructures.

In this episode of Security Matters, we dive into the world of retail technology and cybersecurity. Imagine a bustling retail chain during its busiest shopping season, only to be disrupted by a cyberattack. Our guest, Jason James, Chief Information Officer (CIO) at Aptos Retail, shares his insights with host David Puner on how to stay ahead of these threats.

Only allowing one test story at a time when change control is enabled is restricting. That’s why builders can now create multiple drafts in a story. Set changes live faster by duplicating drafts and publishing smaller edits first. And in the spirit of speed and efficiency, easily delete drafts from a story using the API. Read more on change control →

Cyber threats are changing at an alarming rate in today's digital world. Because of this, cybersecurity is a major concern for companies of all kinds. However, it might be expensive and resource-intensive to have an internal security staff. Additionally, the constantly shifting threat scenario makes it difficult. Here's when MSSP cyber security is useful. A Managed Security Services Provider (MSSP) provides quick incident response, ongoing monitoring, and professional threat detection outsourcing.

We are often asked how Rubrik Security Cloud differs from AWS Backup. It's a valid question because, at first glance, the two solutions seem similar. Both have cloud-first, API-driven architectures. Both are built specifically to ensure reliable backup and recovery for data stored across AWS. Both support a wide range of the most popular AWS workloads including EC2, EBS, S3, RDS and EKS.

AI has made good on its promise to deliver value across industries: 77% of senior business leaders surveyed in late 2024 reported gaining a competitive advantage from AI technologies. While AI tools allow developers to build and ship software more efficiently than ever, they also entail risk, as AI-generated code can contain vulnerabilities just like developer-written code. To enable speed and security, DevSecOps teams can adopt tools to integrate security tasks into developer workflows.

Businesses must manage IT operations and cybersecurity in the day-to-day and ever-evolving digital world, which is becoming more and more complicated. Cyber threats, system warnings, and the increasing amount of data are too much for traditional IT management techniques to handle. This is where artificial intelligence for IT operations changes the game.

The long-anticipated CMMC rule (CFR 32) is now live, marking a crucial turning point for defense contractors. The Compliance Team at CISO Global recently passed our CMMC Audit and are well on the way to becoming a CMMC Certified Third-Party Assessor Organization, or C3PAO. Although CMMC’s arrival brings new challenges, there’s a practical solution that can make compliance more manageable: enclaves. Before we explore this approach, let’s understand where we are in the CMMC journey.