Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As students return to classrooms, a different kind of "back-to-school" activity is ramping up: Hack-to-School. Cybercriminals and nation-state actors are intensifying their focus on educational institutions. According to Bitsight Threat Intelligence, the education sector is now the third-most targeted industry by cyber threat actors, facing a wide range of persistent and emerging risks.

If mobile apps were high school stereotypes, social media would be the popular kid everyone gossips about, but secretly rolls their eyes at. Everyone uses them, everyone knows the risks, and yet everyone keeps showing up at their parties. In our consumer survey earlier this year, 56% of U.S. respondents said they trust social media apps the least with their personal data. Not banks, not e-commerce sites - social media.

The entire world of technology is abuzz about AI/ML. It’s arguably the most disruptive technology to society since the smartphone. In fact, Gartner estimates that the number of companies using open-source AI directly will increase tenfold by 2027.

As Fortra’s new File Integrity Monitoring Buyer’s Guide states, “What was once a security control for simple file changes now ensures integrity across organizations’ entire systems.” The landscape has evolved significantly since Fortra’s Tripwire introduced file integrity monitoring (FIM) over twenty years ago.

If your company is shipping chatbots, copilots, or decision systems, you have probably heard the question many times: what is data privacy in AI, and how do we do it right. The answer is simpler than it looks. Data privacy in AI is a set of habits and controls that limit what personal or sensitive data you collect, how you use it, where you store it, and who can see it. When those habits are part of the build, AI products move faster, customers feel safer, and audits become routine.

Attackers are abusing iCloud Calendar invites to send phishing messages that pose as PayPal notifications, BleepingComputer reports. Since the messages are sent from Apple’s infrastructure, they’re more likely to bypass security filters. BleepingComputer explains, “This email is actually an iCloud Calendar invite, where the threat actor included the phishing text within the Notes field and then invited a Microsoft 365 email address that they controlled.

The FBI and the American Bankers Association (ABA) have issued a joint advisory warning of the growing threat posed by AI-generated deepfake scams. “Criminals may pose as loved ones, government officials, law enforcement personnel, or even celebrities, often using fear and urgency to convince victims to send money or share sensitive information,” the advisory says.

CrowdStrike is introducing Falcon Complete Hub, a new feature within the industry-leading CrowdStrike Falcon Complete Next-Gen MDR, to provide security teams and leaders with unified insight into their managed detection and response (MDR) operations. Modern adversaries are moving faster than ever: eCrime threat actors achieved an average breakout time of just 48 minutes in 2024, according to the CrowdStrike 2025 Global Threat Report.

Elastic Defend delivers endpoint protection for macOS Tahoe 26 from the moment it’s released, ensuring your macOS fleet stays secure without delay. Apple macOS Tahoe 26 raises the bar on performance, usability, and security. Elastic Security is ready on day one, giving organizations the confidence to roll out new machines, upgrade existing devices, or evaluate macOS Tahoe 26 for future deployments without delay.

DoorDash scams are serving up trouble. Learn how to avoid fraud, phishing, and shady schemes as a customer or Dasher. DoorDash has become a staple for more than 40 million U.S. users, whether they’re ordering takeout or delivering it. But as the app’s popularity grows, so does the attention from scammers. A wave of new schemes is targeting both customers and delivery drivers, a.k.a. Dashers.