On March 4, 2025, Broadcom released patches for three zero-day vulnerabilities exploited in the wild, affecting ESXi, Workstation, and Fusion. These vulnerabilities, discovered by Microsoft, range in severity from high to critical. Details of the exploitation have not been revealed at this time, and Arctic Wolf has not identified a public Proof-of-Concept (PoC) exploit.

KnowBe4’s Threat Lab recently observed a phishing campaign targeting educational institutions. Over a 30 day period, 4,361 threats were reported, originating from 40 unique sender domains. 65% of these domains were compromised educational institution IDs. The ultimate aim of these attacks was to harvest credentials resulting in the potential data loss, compromise and further phishing emails.

Runtime security is all about real-time protection, actively monitoring and responding to threats as they happen, not just hardening, setting up barriers or reacting to attacks after the fact. Think of it this way: traditional security measures prevent most intruders, but what about the ones that manage to get in? Runtime security alerts you to any suspicious activity and takes immediate action to stop it. Why is this so important for containers?

In an era of AI-generated content, deepfakes, and manipulated media, disinformation is no longer just a concern for governments and social media platforms – it’s a cybersecurity threat. According to Gartner’s 2025 trend forecast, disinformation security will be a key focus area as AI-generated content, deepfakes, and synthetic media continue to challenge digital trust. But what exactly is disinformation security, and why has Gartner identified it as a critical business risk?

For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called “tribbles.” In a modern IT department, APIs can be viewed as the digital tribble overwhelming security teams.

“We need to get stuff done – but I’m not supposed to let you.” Shipping high priority code, meeting tight release deadlines, fighting incident fires —there are countless reasons why today's engineering teams need to move at lightspeed. This need for speed may put them at odds with security objectives.

Generative AI (GenAI) is transforming the cybersecurity landscape, requiring Chief Information Security Officers (CISOs) and their teams to adapt quickly to both opportunities and challenges, according to the Gartner report 4 Ways Generative AI Will Impact CISOs and Their Teams. As organizations integrate GenAI into business processes, it is critical to secure not only the technology’s development but also its consumption across the enterprise.