%term

The Zero-Markup Domain: Transfer Your Domain to Cloudflare for Price and Security

Dec 15, 2025 By Cloudflare In Cloudflare

Are you tired of rising domain renewal costs and sneaky WHOIS privacy fees? Unlike other registrars that mark up renewal costs, Cloudflare charges you ZERO markup, passing wholesale pricing directly to you. Top 3 Reasons to Transfer: Wholesale Pricing: No markup, ever. You pay what Cloudflare pays. Unbreakable Security: Free WHOIS Privacy and advanced domain locking. Seamless Integration: Instant access to Cloudflare's global CDN and DNS infrastructure.

View Video

Cloudflare

Read more about The Zero-Markup Domain: Transfer Your Domain to Cloudflare for Price and Security

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Dec 15, 2025 By David Belson In Cloudflare

The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view.

Read Post

Cloudflare

Read more about The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719

Dec 15, 2025 By Arctic Wolf Labs In Arctic Wolf

In December 12, 2025, Arctic Wolf began observing intrusions involving malicious SSO logins on FortiGate appliances. Fortinet had previously released an advisory for two critical authentication bypass vulnerabilities (CVE-2025-59718 and CVE-2025-59719) on December 9, 2025. Arctic Wolf had also sent out a security bulletin for the vulnerabilities shortly thereafter.

Read Post

Arctic Wolf

Read more about Arctic Wolf Observes Malicious SSO Logins on FortiGate Devices Following Disclosure of CVE-2025-59718 and CVE-2025-59719

CrowdStrike Leads the Way in the 2025 MITRE ATT&CK Enterprise Evaluations

Dec 15, 2025 By CrowdStrike In CrowdStrike

The results of the 2025 MITRE ATT&CK Enterprise Evaluations are in and CrowdStrike excelled, achieving 100% detection, 100% protection, and zero false positives. The MITRE ATT&CK evaluation is an independent assessment that tests how cybersecurity products detect and stop real-world adversary behavior. The 2025 round was the most challenging cross-domain evaluation to date, a true platform test. For the first time, MITRE tested defenses across endpoint, identity, and cloud.

View Video

CrowdStrike

Read more about CrowdStrike Leads the Way in the 2025 MITRE ATT&CK Enterprise Evaluations

Microsoft Office 365 MFA Setup: What Admins Need to Know

Dec 15, 2025 By NAKIVO Team In NAKIVO

In November 2024, Microsoft announced that multi-factor authentication (MFA) would become mandatory for all administrator accounts across Microsoft 365 (formerly Office 365), Azure, and Intune. Starting in 2025, admins without MFA enabled will no longer be able to access Microsoft’s admin portals. This rollout is happening in phases at the tenant level, and administrators who haven’t yet configured MFA will need to update their settings to stay compliant.

Read Post

NAKIVO

Read more about Microsoft Office 365 MFA Setup: What Admins Need to Know

5 fraud and identity experts on 2025-2026 trends

Dec 15, 2025 By Louis DeNicola In Persona

As with previous years, we asked identity and fraud experts to reflect on the closing year and share a few predictions for the next. You’ll get unique perspectives from fraud fighters, researchers, and an executive. We asked them about unexpected fraud trends, which tactics will become more valuable, leadership’s changing perceptions, and AI, of course. But we kicked things off with a lighthearted question.

Read Post

Persona

Read more about 5 fraud and identity experts on 2025-2026 trends

Intel Chat: React2Shell, GeminiJack vulnerability, proRussia hacktivist arrested & Warp Panda [276]

Dec 15, 2025 By LimaCharlie In LimaCharlie

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Original CrowdStrike article. CISA BRICKSTORM Backdoor breakdown. Analysis report PDF. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.

View Video

LimaCharlie

Read more about Intel Chat: React2Shell, GeminiJack vulnerability, proRussia hacktivist arrested & Warp Panda [276]

Understanding React2Shell: Critical Remote Code Execution in React Server Components and Next.js

Dec 15, 2025 By Marcelo Castro Escalada In Outpost 24

React2Shell is the name commonly used to describe a set of critical vulnerabilities affecting React Server Components (RSC) and frameworks that rely on them, including Next.js. Since disclosure, security teams have observed continued exploitation attempts targeting exposed applications, with attackers abusing the vulnerability to gain unauthorized code execution on affected servers.

Read Post

Outpost 24

Read more about Understanding React2Shell: Critical Remote Code Execution in React Server Components and Next.js

OWASP Top 10 for Agentic Applications 2026: Key Takeaways & How to Take Action

Dec 15, 2025 By Jack Pitts In Teleport

AI agents connect to APIs, execute code, move data, and make decisions with real permissions in live production environments — introducing a new class of security risks. To help organizations stay ahead, the OWASP GenAI Security Project released the OWASP Top 10 for Agentic Applications 2026. In this post, we’ll provide a summary of each agentic AI risk category defined by OWASP, along with actionable next steps to begin securing your agentic AI projects in 2026 and beyond.

Read Post