Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One of the most pressing cyber threats businesses face today is the rampant rise in leaked credentials. Data from Cyberint, a Check Point company, reveals a staggering 160% increase in leaked credentials so far in 2025 compared to 2024. This isn’t just a statistic; it’s a direct threat to your organization’s security.

Cloud complexity is growing. So are the risks—and the opportunities. As organizations scale their infrastructure across hybrid environments to innovate quickly, security strategies must evolve just as fast. The rapid adoption of multi-cloud environments and the proliferation of human and machine identities have intensified the challenge.

If you think AI-generated code is saving time and boosting productivity, you’re right. But here’s the problem: it’s also introducing security vulnerabilities… a lot of them. In our new 2025 GenAI Code Security Report, we tested over 100 large language models across Java, Python, C#, and JavaScript. The goal? To see if today’s most advanced AI systems can write secure code. Unfortunately, the state of AI-generated code security in 2025 is worse than you think.

It seems everyone loves phishing attacks. Trustwave's Ed Williams, Vice President of SpiderLabs, during a recent Trustwave webinar, discussed the ongoing threat posed by the increasingly sophisticated phishing incidents that remain the primary vector for initial access in cyberattacks. What Williams interestingly noted was that threat actors are not the only group using phishing to gain access to organizations.

Every pipeline shift introduces a new blind spot. SAST catches coding flaws, and SCA catches dependency risks; however, as delivery moves to CI/CD, new risks have emerged, not in the code itself, but in how it is executed. From broken access controls and authentication drift to logic flaws behind feature flags, these threats show up in production. Continuous DAST in CI/CD pipelines isn’t just “another layer” but a runtime check that’s most likely to catch what gets exploited.

DAST often underdelivers, not because the tool is broken, but because it’s misapplied. It gets dropped into pipelines without strategy, runs against partial environments, skips authenticated areas, and generates findings that teams ignore. The result is predictable: wasted cycles and lost credibility. DAST best practices focus on addressing operational failures that render scans ineffective.

Your app isn’t just HTML anymore. It is containers talking to microservices, SPA front ends calling GraphQL, and third‑party SDKs everywhere. That mix creates blind spots and unpredictable OWASP Top 10 gaps. Continuous DAST looks through every layer, including mobile backends, APIs, and container workloads, simulating attacker behaviour across your entire technology stack. Hence, no more guessing which component hides the next SSRF, injection, or misconfiguration.

You may have read our recent blog about the EgnyteGov platform achieving FedRAMP Moderate Equivalency, and why it’s a significant milestone. In this latest blog, I’ll explain how Egnyte’s FedRAMP Moderate Equivalency benefits our current and prospective customers in managing their critical data.

Pharma fraud: How illegal online pharmacies endanger your health and your wallet Even when a website looks legitimate, buying medicine online can expose you to scams that might seriously impact your finances, data or even physical health. When you’re in urgent need of medication – whether it’s a routine antibiotic, a high-demand weight loss treatment, or something more private – the internet can seem like the quickest, most discreet option.

Ransomware activity continues to increase, and Bitsight data illustrates the scale of this growth. In our State of the Underground 2025 report, Bitsight TRACE observed a nearly 25% rise in unique ransomware victims publicly listed on leak sites. Additionally, the number of leak sites operated by ransomware groups grew by 53%.