Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at RavenMail warn that a major phishing campaign targeted more than 3,000 organizations last month, primarily in the manufacturing industry. The phishing messages posed as legitimate business notifications, such as file access requests or voicemail alerts, and were designed to send users to credential-harvesting login pages. Notably, the campaign abused legitimate Google infrastructure and links to avoid being flagged by security tools.

Microsoft was the most commonly impersonated brand in phishing attacks during the fourth quarter of 2025, according to researchers at Guardio. Microsoft was followed by Facebook, Roblox, McAfee, Steam, AT&T, Amazon, Google, Yahoo, and Coinbase. “Scammers ramped up brand impersonation attacks throughout Q4 2025, timing their campaigns around when people are busiest online, shopping for deals, renewing subscriptions, or looking for jobs,” Guardio says.

Passwords were invented in the 1960s. Six decades later, we’re still using them to protect everything from email accounts to bank transfers to corporate networks. The problem isn’t just that they’re old technology, it’s that they were never designed for the world we live in now.

The ARMO-Rapid7 partnership connects broad attack surface coverage with deep cloud and Kubernetes runtime security and visibility. By correlating exposures with real workload behavior, organizations can identify meaningful risk earlier, focus remediation where it matters most, and respond to active threats with precision, improving security outcomes while operating more efficiently in cloud-native environments.

Have you ever watched AMC’s The Walking Dead? Before the walkers, before the chaos, there is a quieter moment that often goes unnoticed. The power is out. Roads are empty. Hospitals are running on borrowed time. The world has not fallen apart yet, but it is no longer working. That is what a day without ICS and OT would look like. Industrial control systems (ICS) and operational technology (OT) are the systems that run the physical world.

In today's security landscape, it's easy to get lost in a sea of acronyms. But one layer has become the undisputed foundation for modern application security: API security. Why? Because APIs are no longer just part of the application, they are the application. They are the connective tissue for microservices, third-party data, and the explosive new 'Agentic AI Action Layer' powered by protocols like MCP (Model Context Protocol). Securing the application is securing the APIs.

In 2026, incident response (IR) will continue its shift away from traditional malware-centric investigations toward identity-driven intrusions, abuse of trusted cloud services, and low-signal, high-impact activity that blends seamlessly into normal business operations. Rather than relying on technical exploits, threat actors are prioritizing legitimate access, persistence, and operational efficiency, enabling them to evade users, security controls, and automated detection.

Fast-paced changes in technologies, regulations, and growth expectations can quickly shift your risk environment. Without a structured approach to managing these risks, even the most innovative organizations can face costly disruptions, security incidents, and compliance missteps.

For a long time, cybersecurity has been built around two basic actions: detecting and responding to cyber threats. However, automated attacks, advanced malware, and AI-driven threats show that reacting is no longer enough. Today’s attacks move fast, and in most cases, the damage is already done by the time they are detected. This is nothing new: organizations need to get ahead of risk and protect their systems before incidents occur.

Security professionals often compare their jobs to a game of “Whack-a-Mole,” the arcade game where players try to hit little plastic moles on the head. The moles pop up in a randomly generated way, making it difficult to predict which one will show its little head next.