According to the British Retail Consortium (BRC), shoplifting in the UK is surging. Reported cases jumped from 3.7 million to 20.4 million within a year. Viral social media clips show brazen daylight shoplifting. Reports quote frustrated shopkeepers afraid to intervene. Experts in retail, law, and economics debate the causes, blaming the economy, policing, organized crime, and justice systems. While physical shoplifting dominates headlines, digital shoplifting is equally bold and costly.

With the dynamic start of the new US Presidential Administration, on the heels of our global annual kick-off, and with colleagues across our offices starting Lunar New Year celebrations last week, it’s a good time for Fireblocks to share our outlook on digital assets policy for the rest of the year. Years in our industry are often unprecedented.

The recent UK Home Office proposal designed to hinder and disrupt ransomware operations through several proposed measures, including a targeted ban on ransomware payments, has again brought this question into the public square. The question of whether to pay a ransom demand is a decades-long argument with ardent opinions on both sides.

Today's transforming cyber threat landscape is an age of major malice regarding malware. Lumma Stealer remains one of the most fascinating malicious pieces out here. The aim of this blog is to tell you about all recent activities regarding this malware within the year 2025. Thereby, focusing on some practical real-based scenarios, where incidents have unfolded using this malware as a sample analysis, with line-by-line analysis of malware along with dissected code infection patterns.

As the Kubernetes landscape continues to evolve, there is often the need to adapt to newer, more robust distributions. SUSE has announced the end of life of RKE (Rancher Kubernetes Engine) in favor of RKE2, a Kubernetes distribution designed with enhanced security, resilience, and scalability. For organizations running workloads on RKE, this shift marks an important milestone—but it also raises questions about how to migrate workloads safely and efficiently.

‍As digital threats grow more sophisticated and cyber regulations expand in scope, business stakeholders are beginning to recognize the need to learn more about cybersecurity and how it impacts organizational performance. With this recognition comes the elevation of chief information security officers (CISOs) into the boardroom, tasked with explaining these cyber intricacies and offering strategies that can help safeguard operational resilience and drive long-term growth.

A KnowBe4 Threat Lab publication Authors: Daniel Netto, Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer Executive Summary Attackers exploit redirects that lack safeguarding mechanisms to borrow the domain reputation of the redirect service, obfuscate the actual destination and exploit trust in known sources. Whitelisting URLs, only allowing a predefined set of URLs to be rewritten, is an effective countermeasures against the vulnerability on the server side.

The top cyber threats facing the manufacturing industry are ransomware, supply chain attacks, insider threats, phishing and social engineering attacks. In 2023, the manufacturing sector accounted for 25% of all cyber attacks, making it the most targeted industry. As the manufacturing industry increasingly relies on the Internet of Things (IoT) to improve efficiency and productivity, addressing security risks has become essential.

Published first as a whitepaper in late 2024, the 2025 OWASP Top 10 for LLM Applications is yet another monumental effort from OWASP made possible by a large number of experts in the fields of AI, cybersecurity, cloud technology, and beyond—including Mend.io Head of AI Bar-El Tayouri. LLMs are still new to the market but beginning to mature, and the OWASP Top 10 for LLM Applications is maturing alongside it.

Creating an enterprise security-first culture is one of the most impactful things a CISO can do to protect their organization. Sure, high-tech solutions and fancy tools are important, but they are largely ineffective when staff are unable or unwilling to play their part in preventing, identifying, and reporting security incidents. However, in the quest to develop a positive cybersecurity culture, many Chief Information Security Officers (CISOs) inadvertently create a toxic environment.