%term

Zero-day vulnerabilities: what they are and how to respond

Dec 30, 2025 By Adoniel Martinez In Sentrium

Zero-day vulnerabilities often attract attention and concern because of their unpredictability. They are, by definition, weaknesses that are unknown to software vendors and therefore have no official fix at the point of discovery. When discovered and exploited by malicious actors, they allow attackers to bypass controls before organisations even realise there is a problem.

Read Post

Sentrium

Read more about Zero-day vulnerabilities: what they are and how to respond

Quantum Threats to Machine Learning: The Next Security Reckoning

Dec 30, 2025 By Exabeam In Exabeam

At Exabeam, we’ve built our foundation on innovation in machine learning and artificial intelligence technologies that have transformed how organizations detect and respond to threats. We take pride in the rigor of our model security: encrypted data, tightly controlled access, continuous validation, and relentless red teaming. But true security isn’t about reaching a finish line; it’s about anticipating what’s next.

Read Post

Exabeam

Read more about Quantum Threats to Machine Learning: The Next Security Reckoning

Authenticate Users in Joomla Using the REST API: A Practical Guide for Developers

Dec 30, 2025 By Identity & Access Management (IAM) In miniOrange

Modern Joomla applications are no longer limited to traditional website workflows. Today, Joomla powers mobile apps, headless frontends, third-party integrations, and backend services that rely heavily on REST APIs. In all these cases, secure API authentication becomes a foundational requirement.

Read Post

miniOrange

Read more about Authenticate Users in Joomla Using the REST API: A Practical Guide for Developers

The CISO's Take: Navigating Cyber Risk in Financial Services

Dec 30, 2025 By SecurityScorecard In SecurityScorecard

“If you are solving problems at human speed, you are at a huge disadvantage, because your attackers are operating at machine speed.” As cyber risk – in both the financial services sector and more broadly – accelerates at the pace of automation and AI, securing our future requires practitioners to be more strategic than the threat actors after our assets.

View Video

SecurityScorecard

Read more about The CISO's Take: Navigating Cyber Risk in Financial Services

LevelBlue SpiderLabs: Ransomware Attacks Up 17% in 2025

Dec 30, 2025 By LevelBlue In LevelBlue

Ransomware attacks increased by 17.2% percent year-over-year in 2025, with the group Qlin dominating the threat landscape, according to data generated by the LevelBlue SpiderLabs team. These attacks focused primarily on the manufacturing and technology sectors, with the US by far being the most targeted nation. 2025 continued the trend of yearly increases; however, over the last few years, the rate of attacks has somewhat slowed.

Read Post

LevelBlue

Read more about LevelBlue SpiderLabs: Ransomware Attacks Up 17% in 2025

SecurityScorecard CISO Steve Cobb as Cyber Santa | Cyber Santa's 2026 Predictions

Dec 30, 2025 By SecurityScorecard In SecurityScorecard

The New Year is upon us and with a new year comes new changes. Cyber Santa is back with his predictions for the coming year and how cyber will evolve in the next 365 days. SecurityScorecard CISO Steve Cobb returns in his jolly red hat and white beard to shake his snow globe and see what's ahead for the cybersecurity industry in 2026 and what you need to know going into the new year. CISO responsibility, data sprawl, and AI governance are the top 3 on the list of emerging priorities.

View Video

SecurityScorecard

Read more about SecurityScorecard CISO Steve Cobb as Cyber Santa | Cyber Santa's 2026 Predictions

Jon Oltsik: Shifting Left and Threat Informed Defense

Dec 30, 2025 By Nucleus Security In Nucleus

Security researcher and analyst Jon Oltsik talks about the importance of shifting lift and employing threat informed defense in this short clip.

View Video

Nucleus

Read more about Jon Oltsik: Shifting Left and Threat Informed Defense

2025 Data Security Insights and Resources to Prepare for 2026

Dec 30, 2025 By Irena Mroz In archTIS

Data security in 2025 was less about reacting to breaches and more about surviving in a world where data is everywhere, attackers are faster, and trust is fragile. While the core goal of protecting sensitive information hasn’t changed, how organizations approach security has evolved significantly.

Read Post

archTIS

Read more about 2025 Data Security Insights and Resources to Prepare for 2026

Third-Party Risk Management: Best Practices and Trends

Dec 30, 2025 By foresiet In Foresiet

In the quiet corners of the darknet, threat actors aren’t always looking for a way to break through your front door. Instead, they’re hunting for the “side door”—the niche cloud provider you use for analytics, the marketing firm with access to your customer data, or the logistics partner with a direct line into your ERP. As we move into 2026, Third-Party Risk Management(TPRM) has evolved from a periodic compliance exercise into a high-stakes game of digital chess.

Read Post

Foresiet

Read more about Third-Party Risk Management: Best Practices and Trends

New ConsentFix Technique Tricks Users Into Handing Over OAuth Tokens

Dec 30, 2025 By KnowBe4 Team In KnowBe4

Researchers at Push Security have observed a new variant of the ClickFix attack that combines “OAuth consent phishing with a ClickFix-style user prompt that leads to account compromise.” The technique, which the researchers call “ConsentFix,” tricks victims into copying and pasting a localhost URL containing an authorization token, then pasting it into a phishing page.

Read Post