%term

WatchGuard Threat Lab's top six cybersecurity predictions for 2026

Dec 2, 2025 By WatchGuard In WatchGuard

WatchGuard has revealed its top six cybersecurity predictions for 2026, forecasting a year where AI-driven threats, regulatory pressures, and the decline of legacy tools will reshape the security landscape. Corey Nachreiner, chief security officer at WatchGuard Technologies, emphasises that organisations must prepare for rapid evolution in both attack methods and defensive strategies.

Read Post

WatchGuard

Read more about WatchGuard Threat Lab's top six cybersecurity predictions for 2026

Reach Security Ranked #5 on the TechRound100 | Exposing and Fixing Real Security Risk

Dec 2, 2025 By Reach Security In Reach Security

Honored to share that Reach Security has been named on the TechRound100, recognizing the most impactful and innovative startups of the year. This milestone reflects the problem we’re focused on solving: most organizations don’t lack tools—they lack visibility into how those tools are actually deployed. By exposing misconfigurations, shallow deployments, and missing protections, Reach helps teams fix the risks that matter most before they become incidents.

View Video

Reach Security

AI
Security

Read more about Reach Security Ranked #5 on the TechRound100 | Exposing and Fixing Real Security Risk

Cato CTRL Threat Research: From Productivity Boost to Ransomware Nightmare - Weaponizing Claude Skills with MedusaLocker

Dec 2, 2025 By Inga Cherny In Cato Networks

Claude Skills is a new feature from Anthropic that has gained rapid adoption, with more than 17,000+ GitHub stars already since its launch in October 2025, allowing users to create and share custom code modules that expand Claude’s capabilities and streamline workflows. But as this ecosystem grows, Cato CTRL uncovered a serious oversight into how Skills are executed.

Read Post

Cato Networks

Read more about Cato CTRL Threat Research: From Productivity Boost to Ransomware Nightmare - Weaponizing Claude Skills with MedusaLocker

Introducing Persona's Ashby integration

Dec 2, 2025 By Jenna Kim In Persona

Hiring teams face a new reality: your recruiters are now the first line of defense against workforce security threats. Gartner predicts that by 2028, one in four candidate profiles worldwide will be fake. Multiple forces are already paving the way for this surge in fake candidate identities.

Read Post

Persona

Read more about Introducing Persona's Ashby integration

Defining and Defending Against a Zero Day Attack

Dec 2, 2025 By LevelBlue In LevelBlue

Unexpected attacks are the hardest to fend off. In the realm of cyber, Zero Day vulnerabilities are among the greatest risks, as these software flaws are unknown and exploited before a fix is available, potentially compromising the thousands of organizations that are unwittingly using vulnerable software.

Read Post

LevelBlue

Read more about Defining and Defending Against a Zero Day Attack

Secure Your AWS Cloud with Falcon Next-Gen SIEM: Seamless Integration & Intelligent Detection

Dec 2, 2025 By CrowdStrike In CrowdStrike

See how Falcon Next-Gen SIEM delivers instant, frictionless integration with AWS for full visibility in minutes. Watch how pre-built detections analyze every API call, connecting events into clear attack stories. With automated response playbooks that take immediate action, you can detect faster, respond smarter, and stop cloud threats before they spread. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

View Video

CrowdStrike

Read more about Secure Your AWS Cloud with Falcon Next-Gen SIEM: Seamless Integration & Intelligent Detection

Your SaaS Integrations are Leaking Sensitive Data - Salesloft /Salesforce incident #aws #apisecurity

Dec 2, 2025 By Wallarm In Wallarm

The Salesloft/Salesforce incident revealed the danger of BLA 5: Artifact Lifetime Exploitation. The flaw is simple: the application fails to expire tokens and sessions properly. Stolen OAuth tokens that should have been short-lived were used to steal AWS keys, Snowflake tokens, and passwords. Key Takeaway: If an artifact is meant to be short-lived (a token, a session, a temporary file), it must be retired immediately upon expiration. Rotate your keys aggressively!

View Video

Wallarm

Read more about Your SaaS Integrations are Leaking Sensitive Data - Salesloft /Salesforce incident #aws #apisecurity

Mutual TLS (mTLS) Authentication - A Complete Guide

Dec 2, 2025 By Tiexin Guo In GitGuardian

mTLS, or mutual Transport Layer Security, is a mechanism that establishes two-way authentication between two parties, ensuring they are who they claim to be.

Read Post

GitGuardian

Read more about Mutual TLS (mTLS) Authentication - A Complete Guide

3 takeaways from the 2025 EDUCAUSE annual conference

Dec 2, 2025 By Sam Breitbach In Persona

This year's EDUCAUSE brought together leaders from IT, security, enrollment, and student services. The theme, “Restoring Trust,” reflects the challenges that higher education institutions and professionals are facing. Fraudsters are using new tools and techniques to target faculty and students. Whether they’re trying to gain access to sensitive information or steal student aid, the potential danger is real.

Read Post

Persona

Read more about 3 takeaways from the 2025 EDUCAUSE annual conference

How Generative AI is Changing the DLP Landscape

Dec 2, 2025 By Bruce Chen In Cyberhaven

Generative AI has revolutionized productivity, but it has also introduced a new class of data risk that legacy DLP tools simply can’t see. From engineers pasting source code into ChatGPT to marketers rewriting strategy docs, sensitive IP is leaving the browser through "Shadow AI" channels daily. Learn why traditional pattern matching fails against LLMs and how a data lineage approach secures AI usage without halting innovation.

Read Post