Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Asia-Pacific region is home to the highest concentration of manufacturing sites on the planet, so it comes as no surprise that manufacturers here absorb more attacks than the rest of the world combined. LevelBlue SpiderLabs compiled the Manufacturing Threat Landscape 2025 report, which noted that 56% of all attacks targeting the manufacturing sector occurred in the APAC region. This is compared to 22% in North America, Europe (16%), and Africa (2%).

AI agents are rewriting the rules of efficiency, but one hidden flaw could turn them against you. Prompt injection attacks let hackers hijack your AI, steal data, and break safeguards straight through everyday inputs. No code exploit is required, only a clever manipulation. Identity and Access Management (IAM) plays a massive role in AI security to protect at first hand.

Ransomware incidents are often perceived as sudden, destructive events triggered by malicious payloads. In reality, many modern ransomware attacks begin much earlier and in a far less visible way: with compromised credentials and pre-existing access sold in underground markets. Threat intelligence collected from access broker activity and credential exposure sources indicates that ransomware operators increasingly rely on purchased access rather than direct exploitation.

For 83 days, attackers moved freely through Conduent's systems and exfiltrated 8 terabytes of healthcare records, Social Security numbers, and personal data belonging to tens of millions of Americans. No alarm sounded. No transfer was blocked. The breach was discovered when systems stopped working. Not because anyone detected the data leaving.

Wi-Fi doorbells such as Ring and Nest have become a staple in home security. They promise peace of mind, showing you live footage of your doorway to deter thieves. Up until now this has been an effective security method, but doorbell footage has started going missing, and deauth devices are responsible.

The new SafeBreach extension for VS Code integrates Breach Studio’s powerful custom attack development capabilities directly into the world’s most popular IDE to enable security teams to engineer custom attack simulations with unprecedented speed and precision. Security engineers can leverage Git-native version control, AI-assisted authoring, and real-time IntelliSense linting to eliminate friction and reduce failed executions.

Security vendors love the man-in-the-middle attack. It’s the boogeyman of every TLS marketing page. Some shadowy figure intercepting your traffic, reading your secrets, stealing your data. A man-in-the-middle attack is when an attacker positions themselves between two parties on a network to intercept the traffic flowing between them. In the context of TLS, that means an attacker who can present a valid certificate can read everything in plaintext and proxy it on to the real server.

Typosquatting, registering a typoed version of a popular package and waiting for a developer to accidentally type and install the wrong package, has been around for a decade in npm. It’s nothing new— the registry has protections for it. Then AI came along and changed everything again. Slopsquatting is the new, AI flavor of typosquatting. Instead of betting on human typos, attackers bet on AI hallucinations, the package names that LLMs confidently recommend that don't actually exist.