Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

persona

What is identity muling, and how can you prevent this new fraud vector?

Jan 23, 2026 By Louis DeNicola In Persona
An identity mule is someone who is compensated for sharing their identity. They may be asked for pictures of their identification documents and video selfies. Or, instructed to create an account and complete an identity verification flow before handing over the account’s credentials to a bad actor. The fraud cat-and-mouse game is taking a new turn. As organizations get better at detecting deepfakes, some bad actors are using real people’s identities to commit fraud.
Read Post
persona

As online fraud expands, here's how you can stay ahead

Jan 23, 2026 By Louis DeNicola In Persona
Globally, companies lost an average of 7.7% of their annual revenue to fraud, according to TransUnion’s 2025 Digital Identity Risk Accelerates Fraud Losses report. In the US, companies reported revenue losses of 9.8%, a 46% increase from the previous year. That’s hundreds of billions of dollars heading into the hands of fraudsters. And those stats don’t account for the loss of trust, hit to brand reputation, and time and resources spent on mitigating and resolving the fraud.
Read Post
Arctic Wolf

CVE-2026-21962: Maximum-severity Vulnerability in Oracle HTTP Server/WebLogic Proxy Plug-In

Jan 23, 2026 By Andres Ramos In Arctic Wolf
On January 20, 2026, Oracle patched a maximum‑severity vulnerability in its Fusion Middleware suite affecting Oracle HTTP Server and the WebLogic Server Proxy Plug‑in, tracked as CVE‑2026‑21962. An unauthenticated remote threat actor can exploit this flaw to gain unauthorized creation, deletion, or modification access to critical data. The issue stems from improper handling of incoming requests by the WebLogic Server Proxy Plug‑ins for Apache HTTP Server and Microsoft IIS.
Read Post
knowbe4

Warning: "Fancy" QR Codes Are Making Quishing More Dangerous

Jan 23, 2026 By KnowBe4 Team In KnowBe4
Scammers are increasingly using visually stylized QR codes to deliver phishing links, Help Net Security reports. QR code phishing (quishing) is already more difficult to detect, since these codes deliver links without a visible URL. Attackers are now using QR codes with colors, shapes, and logos woven into the code’s pattern. “Fancy QR codes further complicate detection,” Help Net Security says. “Their layouts no longer resemble the familiar black and white grid.
Read Post
11:11 systems

Turning Network Chaos into Strategy: A NaaS Success Story

Jan 23, 2026 By Brad Gerlach In 11:11 Systems
For many organizations, the network has quietly become one of the biggest barriers to growth. It is the almost invisible nervous system of the enterprise, yet when it fails or becomes overly complex, it is the only thing anyone talks about. As projects expand, offices multiply, and cloud adoption accelerates; IT teams are finding the network is an increasingly difficult piece of the puzzle, and hard to control.
Read Post
keeper

Why Did I Receive an Instagram Password Reset Email?

Jan 23, 2026 By Ashley D'Andrea In Keeper
If you received an unexpected password reset email from Instagram at the beginning of January 2026, you’re not alone. In early January, many Instagram users reported receiving password reset emails they did not request. This appears to have been the result of Instagram’s password reset functionality, resulting in widespread confusion about the legitimacy of those messages.
Read Post

Find and Redact Your Data With Protegrity Developer Edition

Jan 23, 2026 By Protegrity USA Inc. In Protegrity
Dan Johnson, a software engineer at Protegrity, demonstrates how to use the Protegrity Developer Edition to identify and redact Personally Identifiable Information (PII) from unstructured text. Building on our installation guide, we walk through real-world use cases using the Python SDK and Core Edition to transform "useless" raw data into secure, usable information for your AI and ML workflows.
View Video

Automating User Access Reviews: How IGA Delivers Real Business Value

Jan 23, 2026 By CyberArk In CyberArk
Still managing user access reviews manually? You’re not alone — and it’s costing you. This teaser highlights how automated User Access Reviews (UARs can reduce effort, improve audit readiness, and deliver real business value. In the full webinar, CyberArk experts share real-world examples, ROI insights, and how automation can cut review effort by up to 80%. Watch the full webinar on our website to learn how automated IGA transforms access reviews from a burden into a business advantage.
View Video

CVE-2025-55131: Node.js Memory Exposure Risk

Jan 23, 2026 By Indusface In Indusface
Node.js patched a serious vulnerability (CVE-2025-5513) that could expose uninitialized memory and leak secrets like tokens or application data due to a race condition in the buffer allocation logic. This vulnerability affects the vm module with timeouts and is part of a broader coordinated security update across all active Node.js release lines.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.