Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CXOs spend nearly 34% of their day reviewing reports, often bloated with metrics that don’t move the needle. Yet, despite all the dashboards and analytics tools available, most leaders still struggle to answer one question confidently.

Privileged access management (PAM) was once thought of in simple terms: secure the credentials of a handful of administrators managing on-premises systems. Vault the passwords, rotate them regularly, and record every privileged session It worked for a world with clear boundaries and predictable users. That world is now a museum piece. But here’s the shift: It’s not that PAM has changed. The very definition of privilege has evolved.

On October 10, 2025, crypto markets experienced their largest liquidation event in history. A whopping $19.5 billion was liquidated across all markets with approximately $1 trillion in total market cap wiped out. Binance halted trading. Ethereum Layer 2s lagged. Arbitrum fees spiked above $500, with median fees jumping to $116. The entire ecosystem was under unprecedented stress. This was the ultimate real-world test of mission-critical infrastructure.

If you were online yesterday, you probably noticed that a surprising amount of the internet simply wasn’t there. Uber, X, Canva, ChatGPT, and dozens of others all began returning internal server errors. For a few hours, it looked like the web had taken the afternoon off. As usual, the immediate assumption was that someone must be attacking the internet. Even Cloudflare initially suspected a large-scale DDoS event. When many unrelated services break at once, it often signals malicious activity.

Dissecting the active-in-the-wild OS command injection vulnerability and its implications for enterprise threat monitoring In November 2025, threat intelligence teams began warning of a newly discovered zero-day vulnerability in a widely-deployed web application firewall appliance. The vulnerability — CVE-2025-58034 — allows authenticated attackers to execute arbitrary OS commands via crafted HTTP requests or CLI commands.

Users and organizations should be prepared for a surge in phishing attacks over the next several weeks, as attackers take advantage of the holiday shopping season, according to a new report from Zimperium. The report notes that mobile phishing attacks increase fourfold during the holiday season. Many of these attacks impersonate well-known brands and online retailers, such as Amazon and eBay.

Ransomware attacks spiked in October 2025, with more than 700 organizations sustaining attacks, according to a new report from Cyfirma. “In October 2025, ransomware activity surged globally, marking a significant resurgence after a period of mid-year stability,” the report says. “Victim counts climbed to 738, driven by renewed campaigns from leading operators and the emergence of several new groups.

If you are dealing with securing cloud infrastructure, containers and applications, you probably have several security tools in place including cloud posture (CSPM/CNAPP), container security and runtime security. Tool coverage might look good on paper, but how can you know they work against real attacks? ARMO CTRL (Cloud Threat Readiness Lab) helps you test your cloud security tools by deploying a safe, controlled attack lab that mimics real attack behaviors end‑to‑end.

AI agents are finally moving past cute demos and into actual production workflows. With AWS AgentCore, teams can build agents that write tickets, call APIs, deploy infrastructure, invoke external tools, and make changes faster than any human operator ever could. That’s powerful, but it also introduces a brand-new operational and security surface. And here’s the uncomfortable truth: most organizations have no idea what their agents are actually doing. Agentic AI isn’t magic.

This blog kicks off our new series, Inside the Agent Stack, where we take you behind the scenes of today’s most widely adopted AI agent platforms and show you what it really takes to secure them. Each installment will dissect a specific platform, expose realistic attack paths, and share proven strategies that help organizations keep their AI agents safe, reliable, and compliant.