Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The number of ransomware attacks increased by 50% in 2025, even though the number of victims who decided to pay the ransom fell to an all-time low, according to a new report from Chainalysis. The size of the ransom for victims who did pay increased significantly, growing 368% year-over-year to nearly $60,000. The total ransom payments observed by Chainalysis last year amounted to $820 million.

Security awareness programs are built on measurement. Before you can reduce human risk, you need a clear understanding of where knowledge gaps exist across your workforce. For many organizations, that process starts with a baseline assessment. For years, KnowBe4’s Security Awareness Proficiency Assessment (SAPA) has provided that foundation.

Long-time followers of mine know that I am not an AI hype person. Some people might even call me an AI critic. I prefer to call myself an AI realist. I do not think AI will kill us all (despite our best efforts to bypass all guardrails and common sense). I do not think AI will replace all jobs. I do not think AI will replace all cybersecurity jobs. But I do think AI allows improvements in many areas, including cyber defenses, over traditional tools and techniques.

More than 90% of successful cyberattacks start with email, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). That’s not because security teams lack tools, but because attackers target human decision-making. For years, organizations treated email security as a filtering problem: block enough malicious messages, and risk goes down. That assumption no longer holds.

As I wrote in my recent book, How AI and Quantum Impacts Cyber Threats and Defenses, as we humans use AI more and more, AI will begin to communicate with itself using new AI-only communication methods that humans cannot easily see or read. If there is no human-readable audit trail or code, this is a very, very bad thing. It must be stopped at all costs. Humans are absolutely beginning to use AI more and more to do things they used to do manually. Soon, we will all be using multiple AI agents.

OSINT stands for open-source intelligence. It is the collection, analysis, and dissemination of information from publicly available sources, such as social media, government reports, newspapers, and other public documents. OSINT is commonly used by intelligence agencies, private investigators, and law enforcement to gather information about an individual or organization. The OSINT framework showcases the multiple ways in which organizations can gather intelligence.

Most data breaches don’t happen because systems fail. They happen because people make routine errors. Attackers know this, which is why social engineering has become the dominant attack vector, exploiting everyday actions like emailing files or responding to messages. Today, 70–90% of successful cyber attacks involve social engineering, resulting in data exposure that technical safeguards can’t intercept.

Fake calendar invites have been a problem on Gmail for years. Even though they could appear on other calendar services, I hadn’t seen or read about a lot of it. Gmail had been taking the brunt of the fake calendar invites. However, I got a scam Microsoft Outlook calendar invite recently, and other Outlook users are complaining more as well. So, what was previously happening mostly in Gmail has now moved over to Outlook, too. I am a busy guy.

Email attacks have become one of the key ways for hackers to target organizations and individuals. The sheer number of tools available has made it easier than ever for non-technical cybercriminals to launch sophisticated cyber attacks. As a result, many resources are available for each stage of the kill chain – from reconnaissance to delivery to weaponization. This article focuses on the second stage of the cyber kill chain – weaponization.

Messaging platforms are now a major vector for phishing and other social engineering attacks, according to a new report from NCC Group’s Fox-IT. The researchers warn that legitimate messaging apps such as WhatsApp, Telegram, Discord, Signal, LinkedIn, and Gmail-integrated messaging serve as avenues through which attackers can target users while evading email security filters.