OpenClaw as a Security Threat
Open-source AI tools are exploding in popularity. But what risks are they introducing inside your organization? If AI is in your environment, this is a conversation you cannot ignore.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
From DevOps to Runtime: Engineering the Right CWPP Strategy for Your Cloud Environment
Cloud-native architectures have fundamentally changed how organizations build, deploy, and scale applications. But they have also introduced new security challenges, especially when it comes to protecting workloads that span virtual machines, containers, Kubernetes, and serverless environments.
What is Vanta?
Vanta is the Agentic Trust Platform—built to help companies earn trust and prove it, continuously. Every company’s trust journey starts with two connected goals: earning and proving that trust. You earn trust by demonstrating a strong security foundation to customers, partners, auditors, and your board. You prove trust by continuously strengthening that foundation—managing risk, monitoring threats, and acting on real-world feedback.
Wiz names Vanta among its most popular integrations
Wiz recently published its first Wiz Integration Network (WIN) Partner Index 2025, which looks at which tools and vendors Wiz users are connecting with most. We were honored to show up on this list—not once—but four different times. The WIN Partner Index is built from actual customer adoption and usage, offering a practical view into which integrations deliver the most meaningful impact as security teams grow.
The One App this Creator Installs on Every New Device
There’s one app that creator Ivan Kam installs on every new device. Any guesses what it is?
Acronis Cyberthreats Report H2 2025: Cybercriminals are now scaling attacks with AI
Cybercriminals are spending less time using AI to develop new kinds of cyberattacks. Unfortunately, that’s not good news. According to the Acronis Cyberthreats Report H2 2025, cybercriminals are focusing on using AI to scale and refine the attacks they’ve already developed. As a result, they’re working more efficiently. The Acronis Cyberthreats Report H2 2025 delves into many more cybersecurity trends and goes into much deeper detail on the evolving impact of AI on cyberthreats.
Intelligence Agencies: Proxy Action & 'Plozny Jurak'
In today’s cyber landscape, intelligence services often rely on proxy networks to expand their reach. Through ransomware affiliates, access brokers, and loosely connected cybercriminal ecosystems — sometimes referred to conceptually as “Plozny Jurak” — states can benefit from disruptive or espionage activity without direct attribution. To dive deeper, watch the full podcast, Blueprint Thieves: Inside Iran’s Industrial Espionage Machine, at the links below.
Snyk and Cline: Securing the Future of Autonomous Coding
We are thrilled to announce a strategic partnership with Cline Bot Inc. to bridge the gap between autonomous speed and enterprise trust. By embedding Snyk’s security intelligence directly into Cline’s autonomous loops, we are delivering an end-to-end automated secure coding workflow that empowers developers to innovate with confidence. The evolution of AI coding tools is accelerating rapidly. We have moved from simple completion to sophisticated chat, and now to full autonomy.
Why AI Agents are Next! The Death of APIs? #AI #Shorts
Why AI Agents are next is the biggest question in tech right now! In this breakdown, we look at how we're moving from static APIs to Agentic Interaction. While frameworks like MCP (Model Context Protocol) are gaining ground, the real challenge is creating a "Passport" system for AI agents from different companies to communicate securely. Key Insights: –Why AI Agents will replace traditional SaaS workflows.–The shift from deterministic APIs to dynamic agentic behavior.–The "AI Passport" – the missing piece for cross-company AI security.
GrayZone Platform
BlueVoyant analyzed a sophisticated and extensive campaign that leverages corporate shell companies, professional infrastructure, and code-signing certificates to distribute potentially unwanted applications (PUAs). This operation has established a persistent, platform-like foothold on user systems through software that presents a façade of corporate legitimacy. It combines continuous system access with ongoing data collection.