We’re entering the Spring season, which can mean only one thing - You Did WHAT With Tines?! (YDWWT) Is back! Our bi-annual competition invites Tines builders to submit their most impressive workflows with a chance to win some exciting prizes, including a trip to a very special customer event.

In most cases, migration from Bitbucket to Azure DevOps is driven by the need for better integration within the Microsoft ecosystem. This is especially true when scalability for larger projects and a unified development environment support modern software development practices. Companies undergo such a migration for strategic reasons.

On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. Successful exploitation of this vulnerability allows unauthenticated attackers with network access to invoke certain PHP scripts without proper authentication. While it does not lead to remote code execution, it impacts the confidentiality and integrity of the affected system.

When it comes to security, 2024 was unfortunately a standout year for the healthcare sector. Kroll found that the healthcare industry was the most breached, had fairly immature incident response practices, and unfortunately suffered numerous cyberattacks culminating in a year that left healthcare boards thinking deeply of the overall risk to their businesses.

The deadline for European Union member states to pass the new EU NIS2 regulation into national law was October 17, 2024, yet only a few countries have transposed it into law, leaving others lagging behind, with regulations in draft or public consultation phases, or not at all. In the absence of certainty for firms (or what NIS2 calls entities), confusion is understandable, but steps can be currently taken considering what we already know.

The growth of remote work and widespread cloud adoption has transformed how and where employees access corporate network resources as well as private and public applications and web sites. Today’s workforce demands access to corporate resources from anywhere, whether at home, on the go, or in traditional office settings. For organizations, this shift continues to present challenges in managing and securing user access without compromising usability or increasing risk.

On February 12, 2025, Palo Alto Networks published a security advisory for CVE-2025-0108, an authentication bypass vulnerability in the management web interface of PAN-OS. The vulnerability was responsibly disclosed to Palo Alto Networks by Assetnote, who published a blog article with technical details about how to exploit the vulnerability the same day it was disclosed. Since then, proof-of-concept exploit code has emerged publicly.

At KnowBe4, we constantly strive to stay ahead of emerging threats and create training content to warn users about the latest tactics used by cybercriminals. One of the ways we do this is through our internally produced demo video productions, which used to star the incredible Kevin Mitnick and his legendary hacking demos. In these modules we showcase real-world attack scenarios and provide actionable insights on how to defend against them. Last year my colleague Dr.

Several Russian threat actors, including the SVR’s Cozy Bear, are launching highly targeted spear phishing attacks against Microsoft 365 accounts, according to researchers at Volexity. The attackers are impersonating employees at the US State Department, the Ukrainian Ministry of Defence, the European Union Parliament, and well-known research institutions.

Software Bills of Material (SBOMs) are documents which contain a list of components and dependencies of a given software ecosystem, like a list of ingredients in a recipe. On its own, an SBOM can provide some context to how the application was created, what kinds of functionality it may contain, as well as provide a glimpse into the lifecycle of the software project.