Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The modern automation stack makes it almost trivial to connect enterprise tools: By combining these, you can create an “AI agent” that reads a message in Slack, uses an LLM to classify or summarize it, and then creates a new ticket in YouTrack—all in minutes.

Risk is an ever-present factor in business, influencing almost every decision that organizations make. From investments and operations to market expansion and product development, every decision carries with it inherent risks that could either be mitigated or amplified based on how well they are understood and managed. Quantitative risk analysis offers a structured, data-driven approach to assess these risks, paving the way toward more informed and resilient business decisions.

The line between the digital and physical worlds blurs completely when a cyber attack results in widespread, tangible disruption. For thousands of travelers, this became a harsh reality when major European airports were forced to delay flights due to a ransomware attack targeting a vendor in the supply chain.

BlueVoyant recently announced its strategic partnership with the Automotive Information Sharing and Analysis Center (Auto-ISAC), the central organization for cybersecurity collaboration in the automotive industry. Information Sharing and Analysis Centers (ISACs) are important organizations that provide a central resource within a given sector for gathering, analyzing, and sharing information on cyber threats and vulnerabilities.

Key insights from a fireside chat between Nightfall CEO Rohan Sathe and cybersecurity veteran Enrique Salem, Partner at BCV and Nightfall investor Twenty years ago, enterprise security teams scrambled to address shadow IT as employees brought consumer applications into the workplace. Today, we're witnessing the same phenomenon with AI tools—what we now call shadow AI. The fundamental question remains unchanged: What happens to our data?

The financial sector remains one of the most targeted industries for cybercriminals and nation-state actors due to the sensitivity of customer data, the high value of financial transactions, and the critical role these institutions play in global stability. Bitsight’s 2025 State of the Underground report found that underground markets listed nearly 14.5 million compromised credit cards in 2024, representing a 20% increase over 2023. This growth was driven entirely by a surge in US-issued cards.

In vulnerability management, every scan tells a story. The truth is that only some of those stories matter right now and that the challenge isn’t finding vulnerabilities. It’s knowing which ones are about to cost you. If you’re dealing with hundreds of vulnerabilities per asset, especially if you’ve adopted cloud solutions, you’re not alone. That’s become the norm. But you can’t patch everything, and you shouldn’t even try.

In our previous post, The ABC’s of Ishing, we broke down the foundational tactics used by cybercriminals to deceive users and gain unauthorized access. This follow-up report expands on that foundation by exploring three evolving phishing threats that go beyond traditional email lures. Angler Phishing, Calendar Phishing, and Captcha Phishing each exploit trust in everyday digital tools—social media platforms, calendar invites, and CAPTCHA challenges.