Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This release raises the bar for enterprise-grade vulnerability and exposure management. We’re delivering on the promise of smarter, faster risk reduction powered by automation, enriched data, and operational depth. From fix-level SLA tracking to scalable API workflows and stakeholder-ready reporting, every enhancement is designed to help teams do more with less, and prove it. Here’s a breakdown of some of the major product updates from Q2 2025.

Trustwave SpiderLabs researchers have recently identified an EncryptHub campaign that combines social engineering with abuse of the Brave Support platform to deliver malicious payloads via the CVE-2025-26633 vulnerability. In this blog post, we will break down the techniques used in the campaign and highlight the new tools employed by the threat group.

On August 12, 2025, Fortinet released fixes for a critical-severity vulnerability in FortiSIEM, tracked as CVE-2025-25256. The flaw arises from improper neutralization of special elements used in an OS command within the phMonitor service (TCP/7900). Successful exploitation could allow a remote, unauthenticated threat actor to execute unauthorized code or commands via crafted CLI requests.

Customers that have embraced DevOps often ask me for the best metrics to measure their program. I always advocate focusing on policy compliance as the number one metric for understanding your risk, as this provides a succinct measurement of the security of your applications. However, if you are looking to measure and motivate development teams, policy compliance doesn’t give you the granularity to introduce gamification or incentives.

The Tanium Connector for Microsoft Intune enables organizations to unify, manage, and report on all their endpoints—including those across multiple Intune tenants—through a single platform, streamlining security and operations workflows.

ClickFix campaign exploits CAPTCHAs, attack activity spikes ahead of CVE disclosures, and Vietnamese-speaking threat group deploys PXA Stealer.

In today’s rapidly evolving digital payment landscape, software security is no longer just a best practice—it’s a necessity. The PCI Software Security Framework (PCI SSF) sets the global benchmark for safeguarding payment applications and ensuring they are developed with security at the core. Whether you’re creating payment gateways, POS applications, or mobile payment apps, compliance with PCI SSF demonstrates that your software meets stringent security requirements.

ISO/IEC 27001:2022 provides a framework for managing information security using an Information Security Management System (ISMS). The October 2025 deadline to upgrade from the previous ISO 27001:2013 standard is coming fast, and organizations yet to transition risk losing their certification. Maintaining ISO/IEC 27001 certification is especially relevant for regulated industries, SaaS providers with enterprise customers, and global organizations handling sensitive data.

Did developers steal the spotlight of agentic workflows with the wave of AI coding assistants sweeping the media, startups, and tech? What about DevOps workflows, container security, and operating system vulnerability scanning? One of the most time consuming tasks of application security engineers and those responsible for production artifacts is tracking Common Vulnerabilities and Exposures (CVEs) and in what way they impact a bundled application.

Project Acacia is a research initiative led by the Reserve Bank of Australia (RBA) and the Digital Finance Cooperative Research Centre (DFCRC) that explores how digital forms of money—including central bank digital currencies (CBDCs), stablecoins, and deposit tokens—can support the development of wholesale tokenized asset markets in Australia. Project Acacia is being conducted in two phases.