Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Qubit Conference Prague 2025 brought together some of the sharpest minds in cybersecurity—and Cato CTRL made sure to leave a mark. Not only did we share insights on AI-powered security, but we also marked a major milestone: the opening of our new R&D office in Prague. This expansion strengthens our global footprint and taps the best in the local engineering and development talent to help with the kinds of projects we present at Qubit.

Starting on July 19th, 2025, an npm supply chain security incident has been attacking maintainers of popular open-source npm packages on the npm registry.

Real maturity doesn’t come until AI is integrated into the operational fabric.

We’re thrilled to share some exciting news that truly validates our mission to secure the world’s software: Veracode has been recognized as a leading vendor in both Static Analysis (SAST) and Software Composition Analysis (SCA) in the June 2025 VDC Research Vendor Impact Awards! What makes this recognition even more significant is that these awards are based on aggregated ratings from VDC Research’s global “Voice of the Engineer” survey.

Recognizing the need to better protect organizations that rely on operational technology (OT), Trustwave is advancing its OT security services portfolio. Trustwave now delivers end-to-end visibility and threat response across IT and OT environments, enabling better detection, investigation capabilities, and response to threats targeting critical infrastructure by being integrated Trustwave’s Co-Managed SOC and penetration testing services.

We’re excited to announce a major Seemplicity release packed with new AI-driven features that help you fix faster, prioritize better, and streamline remediation at scale. This release introduces breakthrough capabilities that reduce noise, provide clarity, and eliminate bottlenecks between identifying risks and resolving them.

On July 19, 2025, Microsoft disclosed CVE-2025-53770, a critical zero-day Remote Code Execution (RCE) vulnerability. Assigned a CVSS 3.1 base score of 9.8 (Critical), the vulnerability affects SharePoint Server 2016, 2019, and the Subscription Edition, along with unsupported 2010 and 2013 versions. Cloudflare’s WAF Managed Rules now includes 2 emergency releases that mitigate these vulnerabilities for WAF customers.