Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Human error remains the primary exploitation vector in mobile security incidents, according to Verizon’s latest Mobile Security Index (MSI). “At 44%, user behavior is the top cited breach contributor, just ahead of app threats, network threats, and internet threats, which were each cited by 43% of survey respondents,” the report says.

Part of our two-part series on the evolution from EASM to EEM. This post introduces the core shift from visibility to real-world exposure validation and why the legacy approach to external risk is no longer enough. External Attack Surface Management, or EASM, was once revolutionary. It gave organizations their first real visibility into the sprawling digital footprint created by cloud adoption, remote work, and third-party services. But the threat landscape has evolved. And EASM has not kept up.

Recharging the battery of phones, tablets, or laptops in public places such as airports, stations, hotels, or cafés is quite normal and convenient. Everybody does it while traveling or working on the go. Most of these charging points rely on USB ports, which not only deliver power but also support data transfer. In recent years, cybersecurity authorities such as the FBI and the Federal Communications Commission (FCC) have warned users about a rising cyber threat known as juice jacking.

Account takeover (ATO) protection is the frontline defense that prevents criminals from using stolen or spoofed credentials to impersonate legitimate customers. The problem is speed. In 2024, Verizon reported that phishing kits were able to harvest the first credential in under 60 seconds, while banks typically only detected fraud several hours later. That lag helped drive a staggering surge in ATO with 83% of financial institutions reporting direct business impact.

To close out Trustwave’s, A LevelBlue Company, Cybersecurity Awareness Month 2025 coverage, we will take a look at securing critical infrastructure, one of the focus areas for the Cybersecurity and Infrastructure Security Agency (CISA). For our complete coverage, please see: Cybersecurity Awareness Month 2025: The Value of MSSPs and Cybersecurity Awareness Month 2025: 4 Steps to Build a Cyber Strong America.

76% of organizations are struggling to keep up with the sophistication of AI-powered attacks, according to CrowdStrike’s latest State of Ransomware Survey. “Most organizations (87%) consider AI-generated social engineering tactics more convincing than traditional methods,” the report says.

On April 10th, 2025 12:10 UTC, a security researcher notified Cloudflare of two vulnerabilities (CVE-2025-4820 and CVE-2025-4821) related to QUIC packet acknowledgement (ACK) handling, through our Public Bug Bounty program. These were DDoS vulnerabilities in the quiche library, and Cloudflare services that use it. quiche is Cloudflare's open-source implementation of QUIC protocol, which is the transport protocol behind HTTP/3.

In today’s enterprise environments, endpoints are more than just laptops and desktops. They are the critical bridge where people, applications, and data intersect. While much attention is given to malware prevention and threat detection, one security layer is often underestimated: device control.

In early September 2025, attackers used a phishing email to compromise one or more trusted maintainer accounts on npm. They used this to publish malicious releases of 18 widely used npm packages (for example chalk, debug, ansi-styles) that account for more than 2 billion downloads per week. Websites and applications that used these compromised packages were vulnerable to hackers stealing crypto assets (“crypto stealing” or “wallet draining”) from end users.