As with previous years, we asked identity and fraud experts to reflect on the closing year and share a few predictions for the next. You’ll get unique perspectives from fraud fighters, researchers, and an executive. We asked them about unexpected fraud trends, which tactics will become more valuable, leadership’s changing perceptions, and AI, of course. But we kicked things off with a lighthearted question.

React2Shell is the name commonly used to describe a set of critical vulnerabilities affecting React Server Components (RSC) and frameworks that rely on them, including Next.js. Since disclosure, security teams have observed continued exploitation attempts targeting exposed applications, with attackers abusing the vulnerability to gain unauthorized code execution on affected servers.

AI agents connect to APIs, execute code, move data, and make decisions with real permissions in live production environments — introducing a new class of security risks. To help organizations stay ahead, the OWASP GenAI Security Project released the OWASP Top 10 for Agentic Applications 2026. In this post, we’ll provide a summary of each agentic AI risk category defined by OWASP, along with actionable next steps to begin securing your agentic AI projects in 2026 and beyond.

Information security management is now seen as highly important by consumers, and ISO 27001 is the highest accolade within this expectation. By 2025, ISO 27001 certification will be more than just a nice-to-have. It’ll be essential for many organizations, especially newer startups that offer services to big companies.

Artificial intelligence is transforming how organizations operate, innovate, and compete. From employees using GenAI tools to boost productivity to engineering teams building sophisticated AI agents and applications, AI has become central to modern business operations. AI now operates across every part of the enterprise, spanning endpoints, applications, identities, cloud services, data, and SaaS platforms.

In 2015, only about 40% of websites used HTTPS. Today HTTPS is used over 95% of the time. The ACME protocol made that shift possible. The Automatic Certificate Management Environment (ACME) protocol enables software to automatically prove domain control to a certificate authority without any human involvement. No more generating CSRs by hand. No more copy-pasting into web forms. No more waiting for validation emails. ACME largely solved certificate issuance.

It’s evident that the cybersecurity industry took notice of the remarkable growth and maturation Acronis achieved in 2025. Through comprehensive analyst evaluations, rigorous third-party testing and user reviews, leading organizations across the cybersecurity spectrum have validated the development of Acronis as a comprehensive leader in cyber protection. A complete list of analyst reports and user review recognitions, as well as test results Acronis accumulated in 2025, includes.