Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

nightfall

When Customer Data Quietly Walks Out the Door: Lessons from the Coupang Breach

Dec 19, 2025 By Chris Martinez In Nightfall
Large data breaches rarely begin with dramatic system failures. More often, they start with sustained, unauthorized access to sensitive data that goes undetected for months. The recent breach at Coupang, South Korea’s largest e-commerce platform, illustrates this pattern clearly. Nearly 34 million customer records were likely exposed over an extended period before detection.
Read Post
graylog

2025 Security Trends That Defined the SOC and What 2026 Will Demand

Dec 19, 2025 By Jeff Darrington In Graylog
2025 exposed a shift that had been forming for years. Security operations were not slowed by limited visibility or weak tooling. They were slowed because the effort required to interpret growing volumes of data increased faster than staffing, budgets, or governance frameworks could support. Alert queues expanded, dashboards multiplied, cloud bills shaped retention choices, and AI arrived before most organizations had clear policies to supervise it. It was not a talent problem.
Read Post
Internxt

Internxt Achieves SOC 2 Compliance

Dec 19, 2025 By Internxt In Internxt
Internxt is proud to announce that we have successfully achieved SOC 2 compliance, emphasising our continued dedication to security and privacy. By achieving this milestone, SOC 2 certifies that Internxt meets the needs of users regarding the controls of Internxt relevant to security, availability, and processing integrity of users’ data and the confidentiality of this information.
Read Post
1Password

Bringing secure, just-in-time secrets to Cursor with 1Password

Dec 19, 2025 By Nancy Wang In 1Password
Developers are moving faster than ever with AI. Cursor is redefining how software gets built, and 1Password is redefining how teams secure access to SaaS and AI. Today, we are announcing a new integration that brings these two worlds together in a way that keeps development speed high and credential risk near zero.
Read Post

AI, DDoS, and the Internet in 2025 | Cloudflare Radar Year in Review

Dec 19, 2025 By Cloudflare In Cloudflare
In this special Year in Review episode of This Week in NET, host João Tomé is joined by David Belson to break down the Cloudflare Radar 2025 Year in Review. Together, they explore what Cloudflare’s global network reveals about how the Internet evolved over the past year — from the rapid rise of AI crawlers and agent traffic, to record-breaking DDoS attacks, the spread of post-quantum encryption, and the growing impact of government-directed shutdowns and outages.
View Video

Continuous Vendor Risk Monitoring: Real-Time Cyber Risk Visibility with Bitsight

Dec 19, 2025 By Bitsight In BitSight
Gain real-time visibility into cyber risks across your entire vendor ecosystem with Bitsight Continuous Monitoring. Continuously track third- and fourth-party security performance, uncover hidden vulnerabilities, and identify high-risk changes before they impact your business. Powered by the industry’s most comprehensive cyber risk data, Bitsight helps security and GRC teams respond faster to critical threats—including zero-day vulnerabilities—while improving vendor collaboration and strengthening overall supply chain resilience.
View Video
ioncube24

Migrating the ionCube Blog: Infrastructure, Automation, and a Fresh Start

Dec 19, 2025 By Ben In ionCube24
WordPress. We love it. We know not everyone feels the same way. There are obvious reasons, one of which is the regular news (though not as regular as it used to be) of a plugin containing a vulnerability. Needless to say, that kind of news sucks. You have to admit though that WordPress has come a long way to make such things less sucky with an impactful auto update process. Unfortunately, the only kind of update which is beyond WordPress’s sphere is the back end, i.e. the AMP stack.
Read Post
astra

Critical React2Shell RCE Hits React and Next.js (CVE-2025-55182 / CVE-2025-66478)

Dec 19, 2025 By Sanskriti Jain In Astra
React2Shell is a severe remote, unauthenticated RCE vulnerability recently uncovered in React Server Components (RSC) and the Next.js App Router — tracked as CVE-2025-55182, with CVE-2025-66478 later merged as a duplicate — that allows attackers to execute arbitrary code on servers by exploiting insecure Flight protocol deserialization (CWE-502), earning the flaw a maximum CVSS score of 10.0.
Read Post
wallarm

CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate

Dec 19, 2025 By Wallarm In Wallarm
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a practitioner’s mindset to leadership and incident response.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.