Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

knowbe4

Report: Ransomware Attacks Surged Globally in October

Nov 20, 2025 By KnowBe4 Team In KnowBe4
Ransomware attacks spiked in October 2025, with more than 700 organizations sustaining attacks, according to a new report from Cyfirma. “In October 2025, ransomware activity surged globally, marking a significant resurgence after a period of mid-year stability,” the report says. “Victim counts climbed to 738, driven by renewed campaigns from leading operators and the emergence of several new groups.
Read Post

Are we on the path to AI defenders vs. AI attackers?

Nov 20, 2025 By LimaCharlie In LimaCharlie
Swarms of AI bots are now being used to continuously test security perimeters. In this episode, Michael Baker, VP and Global CISO at DXC Technology, discusses the shift to AI-driven security operations. He recently met with startups working on agentic pentesting to find vulnerabilities before bad guys do. The advantage? You control these bots and get immediate feedback. The threat? Adversaries are building the exact same capabilities right now.
View Video
armo

Introducing CTRL: ARMO's Cloud Threat Readiness Lab

Nov 20, 2025 By Ben Hirschberg In ARMO
If you are dealing with securing cloud infrastructure, containers and applications, you probably have several security tools in place including cloud posture (CSPM/CNAPP), container security and runtime security. Tool coverage might look good on paper, but how can you know they work against real attacks? ARMO CTRL (Cloud Threat Readiness Lab) helps you test your cloud security tools by deploying a safe, controlled attack lab that mimics real attack behaviors end‑to‑end.
Read Post
sumologic

You can't secure what you can't see: Why AgentCore logs matter

Nov 20, 2025 By David Girvin In Sumo Logic
AI agents are finally moving past cute demos and into actual production workflows. With AWS AgentCore, teams can build agents that write tickets, call APIs, deploy infrastructure, invoke external tools, and make changes faster than any human operator ever could. That’s powerful, but it also introduces a brand-new operational and security surface. And here’s the uncomfortable truth: most organizations have no idea what their agents are actually doing. Agentic AI isn’t magic.
Read Post
Zenity

Inside the Agent Stack: Securing Azure AI Foundry-Built Agents

Nov 20, 2025 By Lana Salameh In Zenity
This blog kicks off our new series, Inside the Agent Stack, where we take you behind the scenes of today’s most widely adopted AI agent platforms and show you what it really takes to secure them. Each installment will dissect a specific platform, expose realistic attack paths, and share proven strategies that help organizations keep their AI agents safe, reliable, and compliant.
Read Post
indusface

Cloudflare Outage Nov 2025: Architectural Lessons for Building Resilient Infrastructure

Nov 20, 2025 By Karthik Krishnamoorthy In Indusface
The internet’s fragility was evident again during the recent Cloudflare outage. A single internal fault rippled outward and disrupted major websites and business applications. X, ChatGPT, media platforms, dashboards and thousands of other services simultaneously showed 5xx errors. And this is not new.
Read Post
protecto

How Enterprise CPG Companies Can Safely Adopt LLMs Without Compromising Data Privacy

Nov 20, 2025 By Anwita In Protecto
A major publicly traded CPG company wanted to adopt LLM to improve performance marketing, analytics, and customer experience. However, the IT team blocked AI usage and uploads to external AI tools as interacting with public AI models could expose sensitive brand, consumer, and financial data. This isn’t an isolated problem. It’s a pattern across enterprises: business agility collides with security requirements.
Read Post
safeaeon

How AI-Driven Attacks Are Putting Gmail Security At Risk

Nov 20, 2025 By SafeAeon Inc. In SafeAeon
Gmail has always been a common target for cybercriminals, and with the arrival of advanced AI tools, the threat level has increased significantly. Now, attackers no longer rely on generic phishing emails or scam methods. They are using AI to create convincing messages and imitate real support agents to make attacks look more genuine. This change in attack patterns has made Gmail users more vulnerable because they can’t differentiate between real and fake messages.
Read Post

Ask SME Anything: What is Universal ZTNA?

Nov 20, 2025 By Netskope In Netskope
Most traditional access tools (VPNs, firewalls, and NACs) were never built for today’s hybrid world. If your legacy access tool is slowing you down, you need a different approach. In this episode of Ask SME Anything, Netskope expert Francisca Segovia explains how universal ZTNA redefines secure access for every user and device, anywhere. Life’s too short for slow connections. Reimagine your access architecture now with universal ZTNA from Netskope.
View Video

Stateless vs. Stateful: The Difference in Cyber Attacks #StatefulAttack #businesslogic #apisecurity

Nov 20, 2025 By Wallarm In Wallarm
The Hacker is Having a Conversation with Your API. There are two kinds of attacks you MUST understand: Stateless (Brute Force): One-and-done, instant gratification. Think SQL Injection. Stateful (Sophisticated): A persistent conversation over time. This is the signature of Business Logic Abuse. Why does this matter? Stateful attacks are executed by sophisticated threat actors who have done their due diligence on your architecture. You must evolve your defenses to monitor the entire session, not just single requests!
View Video

Copyright © 2026 OpsMatters™. All rights reserved.