Artificial intelligence (AI) is one of the hottest buzzwords across industries, seemingly connected to almost every aspect of technology. AI models are helping software and tech products take their services to the next level, enhancing speed, accuracy, and efficiency. But this leap forward also introduces a deceptive shadow: AI-powered cybercrime. Companies may feel adequately protected against standard cyber threats, but many underestimate AI-powered cybercrime risks.

Efficient cyber threat detection is the cornerstone of an effective cybersecurity program. This post ranks the top eight cyber threat detection tools dominating the cybersecurity solution market in 2025.

Advocating for a larger budget is a common need for most security professionals. With so many business obligations fighting for priority and funding, even vital concerns like Vendor Risk Management can fall through the cracks. However, third-party cyber risks can devastate businesses in the blink of an eye—meaning maintaining a proper third-party risk management program should be at the top of your priority list.

The explosion of AI has led to the creation of tools that make it more accessible, leading to more adoption and more numerous, less sophisticated users. As with cloud computing, that pattern of growth leads to misconfigurations and, ultimately, leaks. One vector for AI leakage is exposed Ollama APIs that allow access to running AI models. Those exposed APIs create potential information security problems for the models’ owners.

Since the launch of ChatGPT in late 2022, gen AI (generative artificial intelligence) has transformed nearly every facet of our lives, including our professions and workplace environments. Adoption has been driven by employees looking for faster, better ways to perform. For example, applications like ChatGPT, DALL-E, and Jasper are helping employees across industries boost productivity, overcome roadblocks, and brainstorm creative solutions.

Mitel’s MiCollab Unified Communications solutions are widely used by businesses to streamline communications. However, two critical vulnerabilities, CVE-2024-35286 and CVE-2024-41713, have been identified across several versions of Mitel MiCollab. CVE-2024-35286 has been identified in versions 9.8.0.33 and earlier and CVE-2024-41713 has been identified in versions 9.8 SP1 FP2 (9.8.1.201) and earlier.

In August 2022, LastPass suffered a data breach with escalating impact, ultimately resulting in a mass user exodus toward alternative password manager solutions. This post provides an overview of the timeline of events during the LastPass cyber attack and critical lessons to help you avoid suffering a similar fate. Learn how UpGuard streamlines Vendor Risk Management >

External attack surface management (EASM) is the continuous exercise of managing cybersecurity risks associated with an organization’s external-facing digital assets. The process includes monitoring, identifying, reducing, and mitigating risks present across an organization’s external attack surface.

Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our recentupdate, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.

Humans are often regarded as the weakest link in a cybersecurity program. Whether resulting from manipulative cybersecurity tactics or limited cybersecurity awareness, human errors remain the most prevalent attack vectors in every information security program, no matter how sophisticated your cybersecurity stack may be.