Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

North Korean threat actor Kimsuky has escalated its social engineering tactics by leveraging military ID deepfakes to deceive South Korean targets. According to a recent analysis by South Korean cybersecurity firm Genians, the group is now using AI-generated images to impersonate military personnel, making phishing campaigns more convincing and harder to detect.

The cybercrime world took a major hit this month with the RaccoonO365 domain takedown, a coordinated move by Microsoft’s Digital Crimes Unit (DCU) and Cloudflare. By seizing 338 malicious domains, investigators disrupted a sprawling phishing-as-a-service ( PhaaS) network that had stolen more than 5,000 Microsoft 365 credentials across 94 countries. This action signals a shift toward large-scale, proactive disruption of phishing operations that exploit everyday users and global enterprises alike.

CrowdStrike is introducing Risk-based Patching in CrowdStrike Falcon for IT to close the gap between security and IT teams. With AI-powered Risk-based Patching and CrowdStrike Falcon Exposure Management, organizations can identify, prioritize, and fix the vulnerabilities most critical to them through a single console and workflow while accelerating security and IT consolidation.

CrowdStrike is unveiling groundbreaking innovations across Counter Adversary Operations. Threat AI, a system of AI-powered agents built on the CrowdStrike Falcon platform, is the industry’s first agentic threat intelligence system. It provides mission-ready agents to reason, hunt, and take action against any stage of adversary activity. In addition, the new Threat Intelligence Browser Extension for Google Chrome extends intelligence everywhere analysts work.

AI is transforming how organizations operate, from automating workflows to fueling innovation and competitive advantage. It’s the backbone of the modern enterprise. But while the opportunities AI presents are enormous, they come with new risks: models can be stolen, cloud workloads can be hijacked, and data can be poisoned. Every layer of the AI stack — from GPUs and training data to inference pipelines and SaaS apps — is a new target.

With time, effort, and a blessing from the LinkedIn networking Gods, a high-level executive's identity can be transformative for a company. More than just a name and title, these executives become symbols of authority and trust, someone employees, customers, and partners instinctively follow. Personas like Elon Musk and Tim Cook instill confidence and belief in their employees and consumers by championing their products and their ethos.

A trend that has long been on the rise is finally having its day. A recent industry report revealed that 91% of security professionals believe that ultimate accountability for cybersecurity incidents lies with the board itself, not with CISOs or security managers. If the security discussion hadn’t fully made its way into C-suite conversations before, it has now.

The healthcare industry, despite being highly regulated, is one of the most targeted for breaches, necessitating tight measures. While these measures are necessary, they often restrict the free flow of information, critical for analysing patient outcomes and improving internal operations. Tokenization has long been a reliable method for masking protected health information (PHI). But not all tokenization is created equal.

Financial cybersecurity has never been a static discipline. Over two decades in this industry, I’ve seen it transform from a compliance checkbox to a cornerstone of business resilience—usually after a painful lesson. Today, we’re heading into the most significant paradigm shift for financial security since online banking: the convergence of artificial intelligence and machine identity governance.