Cursor AI has quickly become the hot AI code editor, rapidly gaining popularity with developers looking to write code faster and more efficiently. But while Cursor accelerates coding, how can devs trust that Gen AI code is secure?

The intersection of IoT (Internet of Things) and OT (Operational Technology) in healthcare has become a focal point in securing critical infrastructure. With the industry accounting for 9% of global GDP and integrating thousands of devices, from bedside monitors to surgical robots, the stakes couldn’t be higher. The journey from isolated systems to hyper-connected healthcare environments has unlocked unparalleled efficiency and innovation. Yet, it has also introduced unprecedented security risks.

As 2024 comes to a close, we went around the room and asked some of Trustwave’s top executives what cybersecurity issues and technology they saw playing a prominent role in 2025. Over the next several weeks their thoughts will be posted here, so please read on and stay tuned! As we approach 2025, cybersecurity landscapes are set to evolve in unprecedented ways, with artificial intelligence (AI) taking center stage for both cyber defenders and threat actors alike.

Mobile app security testing tools are like a unified command center for enterprise organizations. They automate the detection of potential threats, standardize testing protocols across agencies, help prioritize risks, and enable rapid response to the most critical threats. If your organization has several mobile applications developed by multiple third-party vendors, fragmented security oversight and inconsistencies in app development must be commonly observed.

Shadow IT refers to the use of information technology systems, devices, software, applications, and services without explicit approval from an organisation's IT department. While it sounds sinister, and has certain implications, it is not always done maliciously or with the intent of breaching security. It encompasses a wide range of digital activities where employees leverage unapproved tools to be more productive or achieve specific goals.

We recently started a new blog series featuring our CEO and co-founder Rom Carmel. In this series, we discuss real issues from the field. So, check out what Rom Carmel has to say about the three complaints he hears the most in access management.

Risk management is at the heart of any effective disaster recovery (DR) plan or playbook. No business is immune to disruptions, whether from natural disasters, cyberattacks, or technical failures. The question isn’t if, but when these threats will materialize. A proactive approach to risk management allows businesses to identify, assess, and mitigate these threats before they can bring operations to a standstill.

On the 18th of November 2024, Palo Alto published advisories disclosing two vulnerabilities affecting the Web Management Interface in PAN-OS. The most critical of these vulnerabilities is CVE-2024-0012 with a severity rating of 9.3. Exploitation of this vulnerability allows a remote, unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges.

Identity is the new battleground in today’s rapidly evolving cyber threat landscape. Microsoft Active Directory (AD), a cornerstone of enterprise identity management, is a frequent target for attackers. For organizations, protecting these critical environments without adding complexity is essential. Many organizations struggle to get full visibility into changes made within Active Directory.