Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf Observes July 2025 Uptick in Akira Ransomware Activity Targeting SonicWall SSL VPN

In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the cases reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs. While credential access through brute force, dictionary attacks, and credential stuffing has not yet been definitively ruled out in all cases, available evidence points to the existence of a zero-day vulnerability.

Introducing Mend Forge

Today, we’re thrilled to announce Mend Forge, our new AI-native innovation engine and your window into what’s next in application security. At Mend.io, we believe that security innovation shouldn’t happen in a black box. The security landscape is shifting fast, driven by the explosive growth of AI-generated code, AI-powered applications, and rapidly evolving software supply chains.

When "Private" Isn't: The Security Risks of GPT Chats Leaking to Search Engines

In late July 2025, users discovered that ChatGPT chats, initially shared via link, were appearing in search engine results on platforms such as Google, Bing, and DuckDuckGo. These shared conversations included personal content relating to mental health, career concerns, legal issues, and more, without any indication of a data breach. Instead, the exposure resulted from a now-removed feature that enabled discoverability via search indexing.

Japan's Active Cyberdefense Law: A New Era in Cybersecurity Strategy

On May 16th, 2025, the Japanese Parliament enacted a landmark piece of cybersecurity legislation: the Japan Active Cyberdefense Law. It was a historic moment for the country's digital defense, empowering law enforcement and military agencies to conduct pre-emptive cyber operations against threats before they materialize.

You Bought Microsoft E5. Is it delivering for you?

Microsoft E5 can be an excellent security investment, but without targeted configuration, integration, and continual threat alignment, its value remains untapped. Over the years, building out custom SOC, MDR, and MXDR services has shown us how to move from licensed capability to reduced response times, cleaner telemetry, and security teams who trust the picture in front of them.

You've Got a SOC. But Are You Safer?

IT leaders tell me the same story repeatedly. They’ve built large, sometimes expensive, security stacks, but they don’t trust them. Dozens of tools are running across the estate: separate agents, standalone scanners, multiple SIEMs, and identity providers layered on top of Microsoft’s native stack. Despite this, gaps remain. When we peel back these stacks, we often find redundant technology performing overlapping functions but not integrating well.

Microsoft 365 Disaster Recovery best practices

We can all agree that Microsoft 365 powers the daily operations of many modern organizations. These often include data critical for business continuity, which simply flows through Teams, OneDrive, and SharePoint; therefore, even a short service outage could negatively impact productivity or regulatory compliance. However, despite its importance, disaster recovery, or DR, for Microsoft Office is often misunderstood or assumed to be fully covered by Microsoft.

Say Goodbye to Network Lag: Fixing Packet Loss Made Easy

Having a dependable internet connection is necessary in today's connected world. However, what can you do when video calls freeze, online games lag, and file transfers stall? The probable cause is packet loss, which everyone must learn to address in order to enjoy uninterrupted, high-performance internet.

Agentless vs Agent-Based Scanning: What is Best for You?

Your security team just flagged a critical vulnerability in production that last cycle’s scan missed. Now you are juggling incident tickets, compliance gaps, and a CISO demanding answers. This is not about blame. It’s about coverage. In environments where containers spin up and down every second, endpoints scatter across continents, and CI/CD pipelines deploy code multiple times a day, traditional scanners simply can’t keep pace.

How Keeper Reduces NHI Risk With Just Enough Privilege Access Controls

When most people think about Identity and Access Management (IAM), they picture employees logging into systems. But in reality, the majority of access requests today come from non-human identities such as service accounts, automation scripts, containers, bots and APIs. These identities power modern infrastructure. They deploy code, manage resources, sync data and trigger processes. While they are essential, they also contribute to a massive attack surface that continues to grow.