Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our latest Phishing Threat Trends Report explores the evolving phishing landscape in 2025, from renewed tactics to emerging attack techniques. Ransomware may be an “old” threat, but new tactics are making people more susceptible than ever. In this edition, we break down a highly advanced attack detected by KnowBe4 Defend that bypassed native security and a secure email gateway (SEG)—and would have been nearly impossible to stop if launched.

There are thousands of people worldwide trying to scam you, hoping they can make you a victim, steal your money, and harm you in some way. While some of it is done by individuals or small gangs of people, a lot of it happens on an industrialized scale. In countries around the world, there are large teams of people living and working together, controlled by managers, with profits going up the corporate ladder to people who think they are the next Elon Musk.

Threat actors are abusing Microsoft’s infrastructure to launch phishing attacks that can bypass security measures, according to researchers at Guardz. The attackers compromise multiple Microsoft 365 tenants in order to generate legitimate transaction notifications that contain phishing messages.

Kubernetes has revolutionized how we deploy and manage applications at scale. One of its key components is the way it handles storage – especially when it comes to persistent storage for stateful applications. In this article, we will dive into converting a Persistent Volume Claim (PVC) to a CSI-backed Persistent Volume (PV) and explore various Container Storage Interface (CSI) drivers available for Kubernetes, including AWS EBS, Azure, GlusterFS, and others.

Research is the cornerstone of CrowdStrike’s focus on innovation, and it enables us to stay a step ahead of the most sophisticated adversaries. The work of our dedicated team of researchers and data scientists is reflected in the industry-leading protection delivered by the AI-native CrowdStrike Falcon platform. This team is not only involved in groundbreaking new developments — it is also constantly exploring ways to make existing cybersecurity technology more effective.

In today’s competitive digital landscape, data is at the heart of business operations. Every transaction, login, and digital interaction generates data, which, when leveraged effectively, drives growth, enhances customer experiences, and improves operational efficiency. However, collecting and managing this data comes with risks—particularly through data logging and data hashing.

Over the years, we have framed our Application Security features against market-defined product groupings such as Web Application Firewall (WAF), DDoS Mitigation, Bot Management, API Security (API Shield), Client Side Security (Page Shield), and so forth. This has led to unnecessary artificial separation of what is, under the hood, a well-integrated single platform.

Forrester Research has recognized Cloudflare as a Leader in it's The Forrester Wave: Web Application Firewall Solutions, Q1 2025 report. This market analysis helps security and risk professionals select the right solution for their needs. According to Forrester: In this evaluation, Forrester assessed 10 Web Application Firewall (WAF) vendors across 22 criteria, including product security and vision. We believe this recognition is due to our continued investment in our product offering.

You’ve spent several hours meticulously designing your application, ensuring that every line of code is flawless. Everything looks perfect, and you deploy it with confidence. But then things take an awkward turn. Your secure connections start to fail, leaving you scratching your head and wondering what went wrong. SSL/TLS issues can be incredibly frustrating for DevOps teams, often leading to hours of debugging and troubleshooting.

Discover all the ways IT automation can transform efficiency, security, and innovation in your organization with this comprehensive guide.