Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cloudflare

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Dec 15, 2025 By David Belson In Cloudflare
The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view.
Read Post
vanta

Vanta announces the availability of two multi-product solutions in AWS Marketplace

Dec 15, 2025 By Vanta In Vanta
We’re excited to announce the availability of two multi-product solutions in AWS Marketplace today. ATG and Vanta: Fast Track to Compliance Acceleration, along with Digital Trust Accelerator with Cognisys & Vanta to allow organizations to easily discover, try, test, buy, and deploy—as well as manage—thousands of software solutions. This new drop includes pre-built AI agents and ready-to-integrate tools, all in one place. ‍
Read Post
cloudflare

React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques

Dec 11, 2025 By Cloudforce One In Cloudflare
On December 3, 2025, immediately following the public disclosure of the critical, maximum-severity React2Shell vulnerability (CVE-2025-55182), the Cloudforce One Threat Intelligence team began monitoring for early signs of exploitation. Within hours, we observed scanning and active exploitation attempts, including traffic originating from infrastructure associated with Asian-nexus threat groups.
Read Post
cato networks

Mitigating Credential Phishing in the Age of AI and Cloud Convergence

Dec 10, 2025 By Dr. Guy Waizel In Cato Networks
Phishing remains one of the most effective methods for stealing credentials and breaching enterprise environments. Despite advanced email and browser protections, attackers now leverage AI, and automation to outpace traditional defenses. The Verizon 2024 Data Breach Investigations Report found that 68% of breaches involve the human element, often triggered within seconds of a phishing lure, just 21 seconds to click and 28 seconds to submit credentials.
Read Post

AI, Creators & Agentic Commerce - A Conversation with Cloudflare CSO Stephanie Cohen

Dec 10, 2025 By Cloudflare In Cloudflare
In this episode of This Week in NET, host João Tomé sits down with Stephanie Cohen, Cloudflare’s Chief Strategy Officer, for a candid conversation about AI, content creators, financial services, partnerships, and the future of the Internet. Stephanie shares how Cloudflare is helping keep the Internet open and resilient — from giving creators transparency and control over AI scraping, to enabling new models of agentic commerce through partnerships with Visa and Mastercard, to empowering organizations of all sizes through Cloudflare’s global network.
View Video

Deepfake Candidates Are Getting Hired - Here's How

Dec 9, 2025 By Cloudflare In Cloudflare
Hiring in 2025: Is the person you hired even real? Deepfakes resumes. Outsourced interviews. Candidates landing jobs they never intended to do. We've moved from KYC to KYE, and organizations haven't caught up yet. In the latest episode of The Connectivity Cloud Podcast, we explore how attackers are weaponizing the job market with Vladimir Krupnov and Blake Darché. For anyone in hiring, HR tech, or security leadership, this is a must-listen.
View Video

How Salt Security & AWS Simplify API Security

Dec 9, 2025 By Salt Security In Salt Security
See your Blind Spots in Minutes, not Months: How Salt Security & AWS Simplify API Security AI agents and cloud-native architectures have unleashed a wave of APIs and with them, new attack surfaces. Most security teams are struggling to keep up, especially in dynamic AWS environments where shadow and zombie APIs can easily go undetected. This Salt Security and AWS webinar explores a better approach to API discovery and security in AWS without the burden of in-line traffic collection or sensor deployments.
View Video
teramind

How AWS WorkSpaces & Teramind Enhance Workforce Intelligence

Dec 9, 2025 By Teramind In Teramind
Teramind, an ISV Accelerate AWS Partner, delivers a crucial layer of visibility, security, and productivity management that highly complements the Amazon WorkSpaces Family services. This partnership ensures customers move beyond the architectural security and agility provided by AWS to gain granular control over user behavior, insider risk, and operational efficiency within their virtual desktop infrastructure (VDI).
Read Post
armo

The 3 Biggest Cloud Workload Threats (and Why Teams Miss Them)

Dec 8, 2025 By Ben Hirschberg In ARMO
In this article, we’ll break down the three most prevalent runtime threat vectors behind most modern cloud breaches – and why traditional cloud security tools fail to detect them. Let’s get one thing clear: the cloud itself hasn’t become more dangerous – but cloud-native architectures fundamentally changed the threat landscape. In the datacenter era, most threats targeted hosts, networks, and endpoints.
Read Post
Azure Tenant Hardening Basics: Identity, Conditional Access, and "Default Safe" Settings

Azure Tenant Hardening Basics: Identity, Conditional Access, and "Default Safe" Settings

Dec 8, 2025 By SecuritySenses In SecuritySenses
When you spin up a new Azure tenant, it's easy to assume that Microsoft has locked the doors and barred the windows for you. The interface is sleek, the services are powerful, and the infrastructure is world-class. But here is the uncomfortable truth: while the cloud infrastructure is secure, your specific configuration of it likely isn't. A default Azure Active Directory (now Microsoft Entra ID) environment is designed for usability and adoption, not maximum security. It prioritizes getting your team connected over keeping bad actors out.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.