Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The concept of responsible disclosure is a simple one. If you find a vulnerability, you let the affected organization or software vendor know before making the information public. This gives them time to patch the vulnerability before it can be exploited. It also helps maintain trust and fosters a collaborative environment between security researchers and companies. As a cybersecurity vendor, do we want our researchers to be credited when they discover vulnerabilities? Of course.

AI security threats are evolving at roughly the same speed that AI itself is: extremely fast. One of the most recent—and least understood—vulnerabilities involves vector and embedding weaknesses. These issues have gained attention with their addition to the OWASP Top 10 for LLMs, and the risks are becoming more urgent as Retrieval-Augmented Generation (RAG) continues to dominate enterprise AI adoption.

As many of you may know, MITRE’s DHS contract to manage the CVE and CWE programs expired on April 16, 2025. While emergency funding has since been restored for a short time, the long-term future of these programs still remains uncertain. Understandably, this situation has raised concerns throughout the cybersecurity community about the stability and continuity of vulnerability tracking and management systems that many organizations have come to rely upon.

The Latin American technology landscape is growing rapidly, with organizations embracing digital transformation and cloud-native development. This growth brings incredible opportunities to this market – but can also introduce significant security challenges that can slow innovation if not addressed proactively.

Security teams are faced with an ongoing challenge when it comes to exposure and vulnerability management. It’s not the actual discovery of the vulnerability that poses the challenge, but what to do once you discover one. Without a structured process, IT and security teams struggle to address vulnerabilities efficiently, and are in a constantly reactive mode, and struggle to address vulnerabilities efficiently, increasing potential risks.

At Seemplicity, we’re always evolving our Remediation Operations Platform to help teams remediate faster, collaborate more efficiently, and reduce risk. Our April release introduces several powerful enhancements across automation, AI, data exploration, and reporting. Here’s a look at what’s new.

Trustwave SpiderLabs continuously tracks a range of malicious activities originating from Proton66 ASN, including vulnerability scanning, exploit attempts, and phishing campaigns leading to malware infections. In this two-part series, SpiderLabs explores the malicious traffic associated with Proton66, revealing the extent and nature of these attacks.