Chinese APT Exploits Ivanti CVE-2025-22457 with Malware

A newly disclosed vulnerability in Ivanti Connect Secure (ICS) VPN appliances has been weaponized in the wild by a Chinese nation-state threat actor, UNC5221. Tracked as CVE-2025-22457, this critical stack-based buffer overflow vulnerability allows unauthenticated remote attackers to execute arbitrary code, posing a significant risk to enterprise networks.

Meeting NIST API Security Guidelines with Wallarm

On March 25, 2025, NIST released the initial public draft of NIST SP 800-228, "Guidelines for API Protection for Cloud-Native Systems." The document provides a comprehensive framework for securing APIs in cloud-enabled environments. However, for organizations looking to align with these objectives, the tooling requirements may seem initially overwhelming. Fortunately, Wallarm helps streamline the process by integrating many of these recommendations into a single, cloud-native solution.

Software Supply Chain Security: A Detailed Explanation

Software supply chain attacks cost businesses $45.8 billion globally in 2023 alone, and that cost is projected to exceed $80.6 billion by 2026. According to Gartner’s projection, 45% of organizations will experience software supply chain attacks this year. These figures emphasize the importance of software supply chain security and the need for every organisation to prioritize it.

AIOps Delivers Best Practice Security and Performance to the Network and Business

Maintaining robust network security in today's threat climate is a challenge. Adhering to best practices is just as difficult. However, both are necessary to ensure that organizations can continue running efficiently and securely with minimal interruption or downtime to the network.

CrowdStrike Wins Google Cloud Security Partner of the Year Award, Advances Cloud Security for Joint Customers

CrowdStrike has won the 2025 Google Cloud Security Partner of the Year Award for Workload Security, recognizing our leadership in securing cloud environments at scale. Announced at Google Cloud Next 2025, the award highlights our commitment to joint innovation and delivering best-in-class protection for Google Cloud customers. As part of this growing partnership, we also introduced new CrowdStrike Falcon Cloud Security enhancements purpose-built for Google Cloud environments.

Antagonistic Harmony: Permissioned and Permissionless Blockchains in Tomorrow's Financial System

The rise of blockchain has fundamentally reshaped the financial ecosystem. Since Bitcoin’s genesis in 2009, permissionless blockchains have introduced an open, decentralized model for transacting value—fueling everything from DeFi to NFTs. Meanwhile, traditional financial institutions (FIs), drawn to the benefits of blockchain yet cautious of its risks, have leaned into permissioned systems that offer control, privacy, and compliance.

ISO 42001:2023 Certification for Ethical AI Governance

ISO 42001 takes a risk-based approach and structure like other ISO standards and covers: with a focus on AI governance. Under Annex A, it provides a list of controls used to manage AI risks and ensure responsible deployment of AI systems. Under Annex B, it explains how to implement these controls, giving organisations the flexibility to adapt them based on their specific needs.