Email has been the backbone of business communication for decades and as such, it remains the attacker’s favorite doorway into an organization. Phishing, Business Email Compromise (BEC) and supply-chain attacks continue to rise, with adversaries leveraging AI and compromised accounts to bypass legacy defenses. This presents many challenges for CISOs, IT Directors and SOC teams alike: it seems pretty clear that threats are evolving faster than traditional email security can keep up.

PAM solutions increasingly focus on zero standing privilege, just-in-time access, and session visibility to reduce identity-based risk and meet Zero Trust and cyber insurance requirements. Organizations should evaluate PAM platforms based on deployment flexibility, identity integration, and operational overhead.

Researchers at Gen warn that a phishing campaign is attempting to trick users into linking malicious devices to their WhatsApp accounts. The attack begins with an unsolicited message stating, “Hey, I just found your photo!” along with a link to a spoofed Facebook login page. Instead of trying to steal users’ Facebook credentials, however, the attackers are attempting to gain access to victims’ WhatsApp accounts.

In 2025, we saw attackers get bolder and smarter, using AI to amplify old tricks and invent new ones. The reality is, innovation cuts both ways. If you have tools, AI is going to make them even more dangerous. Last year proved that every leap forward in technology brings new risks right alongside the rewards. At CyberArk Labs, our mission is to uncover hidden vulnerabilities and provide actionable insights that help organizations fortify their defenses.

Founded in 1983 as a non-profit health care system, Covenant Health, Inc. sponsors skilled nursing homes, hospitals, assisted living residences, rehabilitation centers, and some health and elder services across New England.

Traditional cybersecurity operates on a simple premise: Keep cyberthreats out by building higher walls, adding more locks and deploying additional firewalls. But what happens when prevention fails? What happens when ransomware doesn't just breach your perimeter but spreads across your redundant systems, turning your backup infrastructure into a liability? The average ransomware claim now exceeds $1.18 million. For many organizations, that's not just a financial hit but a threat to their survival.

I’m excited to announce CrowdStrike’s agreement to acquire SGNL, a leader in identity-first security. This acquisition will extend CrowdStrike Falcon Next-Gen Identity Security to deliver continuous, context-aware authorization for human, non-human, and AI agent identities across SaaS and hyperscaler cloud environments. As risk conditions and threats change, access to applications, data, and AI agents should change with them.

Here’s a conversation that keeps happening: A compliance team passes their PCI audit in June. By September, they’ve had a card skimming incident traced to a third-party script nobody knew was running on their checkout page. Their tools didn’t catch it because none of them could actually see what was executing in the customer’s browser. That’s the gap PCI DSS 4.0.1 is forcing everyone to address.

Why Cloud Visibility Has Become Such a Pain Point for Enterprises Managing cloud visibility today feels overwhelming because your environment expands in ways you cannot always track. New cloud accounts appear before onboarding is complete, SaaS applications connect to production systems without security review, and identities multiply each time a new service is deployed. You are expected to monitor and protect an environment that evolves faster than documentation or tooling.