Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We’re excited to share new updates and enhancements for July, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

Imagine a tireless, ever-learning army that never sleeps and never makes mistakes—an army of AI agents, not humans. What began as simple bots has evolved into sophisticated, autonomous entities operating in perfect sync at machine speed. This is no longer science fiction: autonomous AI is accelerating fraud, turning slow, manual crimes into rapid, relentless attacks. Agentic AI fraud isn’t coming—it’s here. Most organizations remain unprepared.

Modern applications have undergone a paradigm shift, with containers becoming the default choice for deployment. While their flexibility and scalability are well-recognized, their adoption has also surfaced new and complex security challenges. Organizations are now grappling with how to embed trust across their software supply chains, maintain compliance, and mitigate risks—especially as they increasingly incorporate open-source components and AI-generated code into their workflows.

Wireless networks have traditionally been a weak point in corporate cybersecurity. However, what was once a localized risk, limited to an office space, has now evolved into a more sophisticated threat, making detection more difficult.

Imagine: A newly acquired dataset is being prepared for use as a vector database to retrieve information, create recommendation systems, be used for threat detection or similarity-based alert triage. During integration, however, operational challenges surface. Platform constraints prevent full-scale ingestion, prompting an arbitrary reduction in the size of the dataset. As a result, performance degrades significantly.

In late July 2025, Arctic Wolf observed an increase in ransomware activity targeting SonicWall firewall devices for initial access. In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs. While credential access through brute force, dictionary attacks, and credential stuffing have not yet been definitively ruled out in all cases, available evidence points to the existence of a zero-day vulnerability.

Today, we’re thrilled to announce Mend Forge, our new AI native innovation engine and your window into what’s next in application security. At Mend.io, we believe that security innovation shouldn’t happen in a black box. The security landscape is shifting fast, driven by the explosive growth of AI generated code, AI powered applications, and rapidly evolving software supply chains.

In late July 2025, users discovered that ChatGPT chats, initially shared via link, were appearing in search engine results on platforms such as Google, Bing, and DuckDuckGo. These shared conversations included personal content relating to mental health, career concerns, legal issues, and more, without any indication of a data breach. Instead, the exposure resulted from a now-removed feature that enabled discoverability via search indexing.

On May 16th, 2025, the Japanese Parliament enacted a landmark piece of cybersecurity legislation: the Japan Active Cyberdefense Law. It was a historic moment for the country's digital defense, empowering law enforcement and military agencies to conduct pre-emptive cyber operations before they materialize.

Microsoft E5 can be an excellent security investment, but without targeted configuration, integration, and continual threat alignment, its value remains untapped. Over the years, building out custom SOC, MDR, and MXDR services has shown us how to move from licenced capability to reduced response times, cleaner telemetry, and security teams who trust the picture in front of them.