Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In today's fast-paced world of digital transformation, APIs serve as the backbone of modern applications, enabling innovation and efficient data sharing. Nevertheless, the rise in API usage has expanded the attack surface, making solid security protocols essential. This post delves into how the partnership between Salt Security and HCL AppScan API Security is transforming API governance, equipping organizations to actively manage API security through thorough discovery and contextual risk assessment.

Last week, one of the biggest concerns in the cybersecurity industry created a crisis that was avoided at the last minute. On April 16th, 2025, the MITRE Corporation announced: “The current contracting pathway for MITRE to develop, operate, and modernize CVE and several other related programs, such as CWE, will expire.” Official letter from MITRE Corp announcing the implications and expiration of the CVE Program.

At first, hearing this common refrain from security leaders comes as a shock. But if you know about the limitations of legacy data loss prevention (DLP) solutions, this statement makes perfect sense. Legacy DLP can leave security teams with the assumption that they have full control over their data risk profile and vectors. In reality, blind spots can occur in any security configuration.

Erlang/OTP ships with an SSH daemon that many telecom, IoT, Elixir/Phoenix, RabbitMQ and CouchDB deployments leave running for convenience. A flaw in how that daemon parses pre-authentication SSH protocol messages enables an attacker to break out of the key-exchange state machine and open an arbitrary channel before credentials are verified.

When I read Eyal’s blog, Why FWaaS is the Only Way Out of Endless Appliance Patching, I imagined a time in the immediate now (oxymoron intended); a time where the word “patching” is as quaint as rotary phones. In my mind, I was Marty McFly, jumping out of the DeLorean, shocked to discover that in the year 2025, we’re still patching appliance boxes. But here’s the kicker: everything has changed. Except the way we think about patching.

Welcome to the 2025 Identity Security Landscape rollout—and to the “it’s complicated” phase of our relationship with AI. Each year, CyberArk surveys security leaders across the globe to understand their top identity security concerns. This year, AI delivered the trifecta: attack weapon, defense tool and risk multiplier.

Imagine this: a customer clicks a paid search ad that looks exactly like your brand—same logo, same layout, even your brand tone. They enter their login credentials, maybe their payment details… and they’ve just handed everything over to a scammer. This is domain spoofing in 2025. And it’s scaling faster than most businesses are prepared for.

According to our independent survey of individuals across the UK, USA, Netherlands, France, Denmark, Sweden, the DACH region, and Africa who use a laptop as part of their work, 90.1% find simulated phishing tests relevant. What’s more, 90.7% agreed that these simulations improve their awareness of real phishing attacks.

A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small businesses. “While the overall number of incidents in 2024 was slightly down—in part because of better defenses and the disruption of some major ransomware-as-a-service operators—ransomware-related crime is not fading away,” Sophos says.

Safepay is a newcomer to the ransomware landscape. Since its first published attack in October 2024, the group has attacked over 50 organizations worldwide. SafePay maintains a dark web blog and a presence on the TON network for victim communications. The group employs the increasingly common double extortion model, combining data encryption with the theft of sensitive information to pressure victims into payment.