A new class of AI-powered browsers are rewriting the rules of data security. While CISOs focus on traditional vectors, employees are unknowingly creating permanent backdoors to your most sensitive data through browsers that remember everything, sync everywhere, and share it all with AI models. The bottom line: If you're not actively protecting against AI browser exfiltration, you're already leaking data. Here's why it's happening, what it costs, and how to stop it today.

We have just released the 2025 State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can use Datadog Cloud Security to improve your security posture.

If you attended AWS re:Invent last year, it probably felt like there was an AI solution for everything. Models, copilots, agents; by the end, someone had to pitch an AI solution to summarize all of the other AI solutions. This year, it may still feel like the AI announcements multiply faster than the models themselves. Under all of the hype, one message still resonates: AI innovation only works when it’s built on a secure foundation.

Organizations across the globe are confronted with a new set of challenges, ranging from shifting regulatory requirements to the rising influence of technology and globalization. It is no longer enough to simply adhere to a list of rules; companies must now embed compliance into the very fabric of their operations to thrive.

As global regulations requiring age-appropriate access to online content and services expand, organizations face a critical challenge: How do you effectively check a user's age without creating a frustrating experience or compromising their privacy? The International Organization for Standardization (the ISO) has provided a clear answer with its new standard, ISO 27566-1.

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) have uncovered a cyber campaign that signals a concerning evolution in the threat landscape: the rise of the "LLM-Enabled Developer." In-depth analysis suggests the actor behind an ongoing ClickFix campaign leveraged publicly documented advanced attack chains, powered by AI-generated code, to deploy a less sophisticated, but capable Node.js RAT.

Golden ticket attacks target the KRBTGT account in Active Directory, allowing attackers to forge Kerberos tickets and impersonate domain admins. Tools like Mimikatz make this attack simple and long-lasting, since forged tickets can remain valid for years. Netwrix Threat Manager, Privilege Secure, and Identity Threat Detection & Response (ITDR) help detect anomalies, rotate KRBTGT credentials, and enforce Just-in-Time access to prevent compromise.