Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The dictionary (at least the online version) defines the word trend as a general direction in which something is developing or changing. It also does have a secondary definition relating to fashion, but unless we want to cover off on some questionable choices I made when younger, we can skip that one. When does something move beyond being a trend, and create a lasting shift in behavior–or for the purposes of our discussion, technology?

Most organizations assume a clear boundary between external users, who submit support tickets or service requests, and internal users, who handle them using privileged access. However, when an internal user triggers an AI action from a model context protocol (MCP) tool, such as summarizing a ticket, that boundary can break.

Code integrity guarantees that software code remains uncorrupted, authentic, and protected throughout the lifetime of that software. Code integrity also protects software from changes made without proper authorization for malicious attack purposes through the installation of back doors, which is a simple form of malware, initiating unauthorized updates.

In today’s digital landscape, the importance of adopting a proactive approach to cybersecurity, which involves predictive and retrospective strategies, cannot be overstated. While traditional protective and reactive defenses remain crucial as the first line of defense, they are no longer sufficient on their own. With cyber threats becoming increasingly sophisticated and constantly evolving, organizations must augment these defenses with a proactive approach to stay ahead of potential threats.

In Q2 2025, Scattered Spider has been noted as a prolific threat actor targeting several sectors across multiple countries. As of June 2025, the group appears to have moved towards targeting the insurance sector. This is not novel victimology within the landscape, with attacks consistently targeting the sector, particularly in the extortion sphere. This blog explores the attacks Scattered Spider has conducted in 2025, as well as similar attacks around the insurance sector in the year.

In mid-May 2025, Cloudflare blocked the largest DDoS attack ever recorded: a staggering 7.3 terabits per second (Tbps). This comes shortly after the publication of our DDoS threat report for 2025 Q1 on April 27, 2025, where we highlighted attacks reaching 6.5 Tbps and 4.8 billion packets per second (pps). The 7.3 Tbps attack is 12% larger than our previous record and 1 Tbps greater than a recent attack reported by cyber security reporter Brian Krebs at KrebsOnSecurity.