Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Artificial intelligence is accelerating digital transformation at an unprecedented pace. New AI-driven applications, copilots, data pipelines, APIs, and cloud services are spinning up faster than ever before. But while innovation moves at machine speed, governance often lags behind. The result? A rapidly expanding external attack surface filled with forgotten assets, abandoned cloud resources, and misconfigured DNS records — many of them quietly waiting to be hijacked.

Cybercriminals are abusing legitimate invoices and dispute notifications from popular services to send scam emails that bypass security filters, according to researchers at Kaseya’s INKY. The attackers have used this technique to impersonate PayPal, Apple, DocuSign, HelloSign, and others. “These platforms often allow users to enter a ‘seller name’ or add a custom note when creating an invoice or notification,” the researchers write.

Enterprise IT relies heavily on Active Directory (AD) for user, access, and authentication management. A compromise can harm systems, data, and accounts. Why Swift Response Matters A fast, effective response can contain an AD incident, while delays can turn it into a major organizational crisis, including: A clear AD response plan is essential to systematically: Long downtime, damage to organization’s reputation, and problems with compliance can result from neglecting proactive AD recovery.

Login abuse is one of the common types of cyberattacks. It happens quietly, often showing up as a spike in failed sign-ins or customers locked out of their accounts. On the surface, these events look routine. In reality, they are usually early signs of automated attacks targeting login systems. This pattern is commonly known as credential stuffing. In this method, attackers use automation to test large volumes of stolen usernames and passwords across multiple services.

The Cybersecurity Infrastructure Security Agency (CISA) issued an alert this week based on an attack that struck Poland’s energy sector in late 2025. The attack compromised the operational technology (OT) and industrial control systems (ICS) in 30 renewable energy and heating plants, impacting 500,000 people and also that nation’s manufacturing sector.

As organizations migrate critical applications to the cloud, cloud-based DDoS attacks and defenses have become a growing concern amid the increasing number of cyber threats. Unlike traditional threats, these attacks are increasingly targeted, sophisticated, and capable of disrupting services in ways that can impact entire business operations and business continuity.

Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass multifactor authentication. “The most critical of these features are client-side scripts that allow threat actors to control the authentication flow in the browser of a targeted user in real-time while they deliver verbal instructions or respond to verbal feedback from the targeted user,” Okta says.

We are witnessing the end of the "Human-in-the-Loop" era and the beginning of the "Agent-to-Agent" economy. Until recently, most AI interactions were hub-and-spoke models where a human user prompted a central model, reviewed the output, and then took action. That model provided a natural safety brake. If the AI hallucinated or suggested a malicious action, a human was there to catch it. That safety brake is disappearing.