Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Professional phishing groups are targeting customers of brokerage firms in order to manipulate stock prices, KrebsOnSecurity reports. The attackers use a technique called “ramp and dump” to profit from the scheme. “With ramp and dump, the scammers do not need to rely on ginning up interest in the targeted stock on social media,” Krebs explains.

Attackers are using a Japanese Unicode character to replace forward slashes in phishing URLs, BleepingComputer reports. The attacks impersonate Booking.com with phony emails that inform users of a new login to their account. “The attack, first spotted by security researcher JAMESWT, abuses the Japanese hiragana character “ん” (Unicode U+3093), which closely resembles the Latin letter sequence '/n' or '/~', at a quick glance in some fonts,” BleepingComputer explains.

In this series, we first explored the psychology that makes HR phishing so effective, then showcased the real-world lures attackers use to trick your employees. Now, we’re going under the hood to answer the critical question: How do these attacks technically bypass security defenses?

Artificial Intelligence (AI) is reshaping how we work and lead. At 1Password, we see AI as a powerful accelerator that helps our teams focus on the work that matters most. To explore what it means to lead in this new era, we sat down with Nancy Wang, VP/Head of Engineering. Nancy shares how AI shows up in her day-to-day, how she inspires her team to be curious, and why human skills like trust matter more than ever.

Ariel Beck has over a decade of software engineer and system architect experience. As current Head of Architecture at Jit.io, Ariel believes in proactively shaping the tech landscape to create secure, scalable solutions. Security experts dedicated to shaping insightful editorial content, guiding developers and organizations toward secure cloud app development. Dive into a wealth of knowledge and experience in fortifying software integrity.

When it comes to driving directions, it is easy to become dependent on a navigation system, especially when you are in an unfamiliar area. Unfortunately, when you run into one of those pesky locations that still don’t have wireless coverage you can quickly find yourself without much of an idea of where to turn next. Managing network infrastructure shouldn’t feel like navigating in the dark.

Security teams need automation, clarity, and speed to stay ahead. This month’s updates continue to refine the CyCognito experience so you can maintain an accurate asset inventory, pivot through investigations quickly, and share the right information with stakeholders. In the past few weeks we delivered improvements across automation (including Action Rules), APIs improvements, new investigation and management options, and reporting controls for PDFs. Below is a detailed look at what is new.

Over the last year, I’ve spent countless hours with CISOs, CTOs, and security architects talking about a new wave of technology that’s changing the game faster than anything we’ve seen before: Agentic AI and Model Context Protocol (MCP) servers. If you think AI is still in the “cool demos and pilot projects” stage, think again. We’re already seeing autonomous agents reasoning, remembering, and taking actions in live production environments.

Kubernetes v1.34 is coming soon, and it brings a rich batch of security upgrades – from alpha features that hint at the future of zero-trust Kubernetes, to mature enhancements making their way into stable releases. Whether you’re managing a production cluster or exploring new security patterns, this release has something worth your attention.