Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

npm now freezes high-impact accounts after risky account changes

npm shipped a new protection this week for its most depended-on accounts. When npm detects a sensitive action on a high-impact account, like an email swap or the use of a 2FA recovery code, it puts that account into a 72-hour read-only state and sends an alert to the previous email address. The package installs and downloads keep working as normal during this time, and the freeze lifts automatically at the end of the waiting period.

Microsoft WinRM Data in Graylog

If you’re running Windows in your environment, WinRM is one of the most valuable, and most abused channels in your infrastructure. Graylog provides a purpose-built way to make those logs immediately actionable. The Microsoft WinRM Content Pack, available with an Illuminate license and Graylog Enterprise or Graylog Security, delivers ready-to-use parsing rules, streams, GIM categorization, and a dashboard so you can turn raw WinRM operational events into structured, searchable security intelligence.

The MSP's Invisible Enemy: How to Pinpoint Friction in Cybersecurity

In managed security, failures rarely happen because of a lack of technology. They happen because of friction, small operational bottlenecks that slow down detection, skew prioritization, or delay incident response. That friction is silent, but deadly. More than any single tool, it determines an MSP’s actual capacity to protect its clients at scale. So, the real question isn't whether you have enough visibility. It’s: Where are your operations failing without you even realizing?

Persona's Sentinel helps you assess risk at every moment

You've built rigorous identity verification flows. You're running liveness detection, document checks, and behavioral analysis. And when users make it through, you rightfully clear them as trusted. But when users aren’t in a verification flow, you lose insight into the device, network, and behavioral signals that could flag a major risk. Sentinel extends passive signal collection to any moment in the user's life cycle.

FTC Report: Americans Lost $3.5 Billion to Imposter Scams Last Year

Imposter scams were the most commonly reported type of fraud in 2025, with Americans reporting $3.5 billion in losses, according to new data from the US Federal Trade Commission (FTC). Reported losses have increased nearly three times since 2020, and the true number is likely much higher since many scams go unreported. Losses across all types of fraud surged to $16 billion, a 25% increase compared to 2024.

Security Orchestration Tools: A CISO's Guide to SOAR

Your SOC probably already has good tools. A SIEM collects logs. An EDR catches suspicious endpoint behavior. Firewalls, identity systems, ticketing platforms, and threat intelligence feeds all do their part. Yet the team still spends too much time copying indicators from one console to another, validating the same alert twice, and documenting the response after the fact. That's the operational gap security orchestration tools are meant to close.

Why crypto companies still struggle to gain banking trust

The cryptocurrency industry has made significant progress in regulatory compliance over the past several years. New licensing frameworks and stricter anti-money laundering requirements have raised standards across the market. Even so, many legitimate crypto businesses continue to face difficulty when opening or maintaining banking relationships.

The "Macs Don't Get Viruses" Myth Is Officially Dead in 2026

For many years, Apple users have believed that Mac computers are naturally protected from cyber threats. This perception was shaped by the relatively low number of attacks targeting macOS in the past. However, the cybersecurity environment in 2026 presents a very different reality. As Apple's global market share has expanded and Mac users have become increasingly valuable targets, cybercriminals have shifted their focus toward developing attacks specifically designed for macOS.

Strategies for Building a Reliable Transportation Workforce

The transportation industry keeps economies moving. From food and medical supplies to retail products and industrial equipment, nearly every sector depends on efficient logistics. Yet one challenge continues to affect fleets of all sizes: building and maintaining a dependable workforce. Driver shortages, changing regulations, and increasing customer expectations have made talent acquisition and retention more important than ever. Companies that invest in workforce development are better positioned to maintain service quality, reduce turnover, and remain competitive in a demanding market.