Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

SHA1-Hulud, npm supply chain incident

Nov 24, 2025 By Brian Vermeer In Snyk
On November 24th, 2025, we identified a new supply chain attack in the npm ecosystem, referred to as SHA1-Hulud. We believe this is a second wave of the Shai-Hulud attack, which occurred in September 2025. Snyk will continue monitoring this active incident until it is resolved. Updates on this incident will be on our trust center.
Read Post

SPARK 2025: B2C2 CEO Cactus Raazi on Institutional Liquidity & Stablecoin Conversions w/ Fireblocks

Nov 24, 2025 By Fireblocks In Fireblocks
SPARK 2025 | Customer Story In this discussion from SPARK 2025, Cactus Raazi, CEO of The Americas at B2C2, shares invaluable insights on the institutional adoption of digital assets, the strategic partnership between B2C2 and Fireblocks, and the future of stablecoins in the real economy.
View Video

Are Passwords Really Dead in 2025?

Nov 24, 2025 By Razorthorn Security In Razorthorn
Our latest discussion tackles persistent challenges in cybersecurity, specifically focusing on identity and access management (IAM). Experts highlight how attackers are now logging in rather than breaking in, underscoring the critical need for robust password encryption policies. This shift puts a spotlight on effective data protection and online security measures to safeguard against evolving threats.
View Video

Solving Al Agent Sprawl: API Governance Across Multi Gateway Environments

Nov 24, 2025 By Salt Security In Salt Security
As organizations accelerate adoption of AI agents, autonomous workflows powered by LLMs and MCP servers are rapidly proliferating across internal systems, partner networks, cloud environments, and API gateways. The result? A sprawling, often invisible attack surface: shadow APIs, duplicate endpoints, context drift, unmanaged agent access, inconsistent policies, and risk of data exposure or compliance failures.
View Video

OWASP Top 10 2025 Edition - The 443 Podcast - Episode 350

Nov 24, 2025 By WatchGuard Technologies In WatchGuard
This week on the podcast, we cover OWASP’s update to the top 10 web application security weaknesses and its changes from the 2021 list. We also cover a recently uncovered adversary-in-the-middle campaign that’s pushing malicious software updates to targeted systems. We conclude with our opinions on Microsoft’s latest AI features, which are coming to Windows.
View Video
protecto

Why User Consent Is Revolutionizing LLM Privacy Practices

Nov 24, 2025 By Protecto In Protecto
Ask most people what “consent” means and you’ll hear about a banner that asks to collect cookies. That was yesterday. Modern LLMs ingest emails, tickets, docs, chats, and logs. They create embeddings, reference snippets with retrieval, and sometimes fine-tune on past conversations. If you do not wire user consent into each of those steps, you either violate laws, lose user trust, or both. That is why user consent is revolutionizing LLM privacy practices.
Read Post
cloudflare

Get better visibility for the WAF with payload logging

Nov 24, 2025 By Paschal Obba In Cloudflare
As the surface area for attacks on the web increases, Cloudflare’s Web Application Firewall (WAF) provides a myriad of solutions to mitigate these attacks. This is great for our customers, but the cardinality in the workloads of the millions of requests we service means that generating false positives is inevitable. This means that the default configuration we have for our customers has to be fine-tuned.
Read Post
WatchGuard

The Efficiency Shift: How AI Turns Noise into Clarity

Nov 24, 2025 By Iratxe Vazquez In WatchGuard
Artificial intelligence (AI) is everywhere in cybersecurity marketing. Real AI is not about detecting more. It is about making decisions faster and more precisely, so that humans can spend their time on what truly matters. Endpoint security efficiency is the ability to deliver maximum protection with minimum operational effort, turning noise into clarity and alerts into meaningful incidents. AI is the engine that makes this possible.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.