Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloud is the new battleground, and more adversaries are joining the fight: New and unattributed cloud intrusions were up 26% in 2024, according to the CrowdStrike 2025 Global Threat Report. As adversaries accelerate cloud attacks, CrowdStrike delivers full-cycle agentic AI — from detection triage to threat response — giving defenders the edge to act at machine speed before adversaries can break through.

Snyk is delighted to announce a significant milestone for our customers and partners in the Asia-Pacific (APAC) region: the launch of a dedicated Snyk API & Web infrastructure instance, which is now available and hosted locally within the region. This investment addresses the critical needs of our growing customer base in the region, ensuring that they can benefit from our modern, developer-first DAST capabilities while meeting local data residency and compliance requirements.

Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a glorified API call, or is there really something there? This post thoroughly explains what MCP is and why it makes LLMs more powerful. It also provides a comprehensive threat model analysis and reviews the fundamental security vulnerabilities.

We are in the middle of an AI gold rush. Generative AI (Gen AI) has exploded from research labs into everyday business workflows at breakneck speed. Marketing, software development, customer support, HR, companies across industries deploy Gen AI tools to boost efficiency, automate tasks, and gain an edge. But security trails behind. In the rush to innovate, organizations chase speed and visibility, leaving risk management behind.

1Password has signed a strategic collaboration agreement (SCA) with AWS to help modern enterprises close security blind spots, accelerate secure cloud adoption, and manage access in increasingly complex hybrid and AI-driven environments. This collaboration represents a long-term commitment to co-innovation, global growth, and enabling the adoption of AI tools, all while expanding support for the shared customers of 1Password and AWS.

A new integration between 1Password and AWS Secrets Manager makes it faster and easier to sync secrets across environments – all from within the 1Password desktop app. This update enables all 1Password and AWS Secrets Manager joint customers to simply and securely deliver secrets to AWS Secrets Manager. It’s the fast, familiar 1Password experience you know and trust – now extended to include environment variables and secrets support.

Vibe coding might sound like a trendy term, but it's really just developing software without automated checks and quality gates. Traditional engineering disciplines have always relied on safety measures and quality controls, so vibe coding should be no different in my honest opinion.

On June 4, Asana identified a bug in its Model Context Protocol (MCP) server and took the server offline to investigate. While the incident was not the result of an external attack, the bug could have exposed data belonging to Asana MCP users to users in other accounts.

On June 12, 2025, a global outage at Google Cloud Platform (GCP) brought critical infrastructure to a halt. The ripple effects were immediate. Services from Palo Alto Networks and Cloudflare—both of which rely on GCP—experienced outages that lasted hours. Enterprises depending on these services were left blind and exposed. This wasn’t a first. It won’t be the last. But it was a wake-up call. When SASE, SSE, or SD-WAN platforms go down, the business is down. Productivity stalls.