Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The fraud is no longer a matter of “if” but “how soon!” Attackers are getting smarter, leveraging AI, deepfakes, synthetic identities, and cross-platform tactics that outpace legacy defenses. According to industry forecasts, fraud prevention tools and analytics will explode in demand as businesses scramble to stay ahead.

During routine threat hunting, we, the ManageEngine Malware Analysis Team, came across a cluster of Google Colab notebooks appearing in search results for popular software downloads. On the surface, they looked legitimate, with well written installation guides and download links.

The identity attack surface is expanding faster than ever. Every new cloud application, remote login, and digital touchpoint creates another entryway threat actors can exploit, targeting the very credentials that give employees, customers, and partners access to critical systems. One of the top, tried-and-true identity attack techniques threat actors have utilized with great success is called an account takeover.

The threat GitGuardian has long-anticipated is now a reality: criminal groups are executing systematic attacks targeting hardcoded credentials and over-permissive IAM configurations. The situation escalated when Shiny Hunters and Crimson Collective formed an alliance to coordinate efforts.

New details are emerging in recent weeks on how the Crimson Collective threat group has been conducting a large-scale campaign targeting Amazon Web Services cloud environments. Recent reports highlight how easily the attackers progressed once they obtained valid credentials. The Crimson Collective claims to have exfiltrated ~570 GB across ~28,000 internal GitLab projects; Red Hat has confirmed access to a Consulting GitLab instance but hasn’t verified the full scope of those claims.

The digital landscape across Asia/Pacific (excluding Japan) (APEJ) is characterized by rapid growth in the acceptance of Managed Detection and Response (MDR), and driven by a corresponding surge in cyber threats, according to IDC’s just released report IDC MarketScape: Asia/Pacific (Excluding Japan) Managed Detection and Response Services 2025 Vendor Assessment. IDC recognized Trustwave, A LevelBlue Company, as a Leader in the report.

OpenAI, the people behind ChatGPT, have launched an updated AI video- and audio-generation system with fascinating, and terrifying, implications for the spread of deepfakes.

The conversation about AI in cybersecurity is missing the point. While the industry has been focused on the emergence of AI-generated phishing emails, perhaps a far more profound shift has been somewhat ignored. Your workforce is no longer just human. It's a hybrid team of people, AI agents, copilots, assistants and digital partners. This creates a new and complex attack surface. The next great security challenge isn't just protecting a human from a machine.

Manufacturing is the core of the global economy, yet it is the most attacked industry today. And while much of the attention falls on external attackers, an equally dangerous risk comes from within. This article explores the unique cybersecurity challenges manufacturing organizations face, shows you real-life examples of manufacturing data breaches caused by insiders, and provides seven key measures to help you build a resilient insider threat program.