Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your backup system is supposed to be your safety net. It’s the insurance policy that lets you sleep at night knowing that even if disaster strikes, your business can recover. But there’s a problem: ransomware attackers know about your backups too. And they’re coming for them first. According to data shared in our recent webinar with Pellera, 89% of organizations that experienced ransomware attacks saw clear indications that attackers specifically targeted their backup infrastructure.

KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials. The attackers are wielding a powerful new tool that’s completely changing the game for cybercriminals—turning what used to be complex, technical phishing setups into simple one-click launches that can bypass certain technical controls. Welcome to the era of “Quantum Route Redirect.".

The package states it is for the GitHub Actions Toolkit, which has a legitimate npm package @actions/artifact. Therefore this malware package is a clear typosquat with the swapping of the letters “ti” for “it”. We took a look at the “harness” binary as indicated in version 4.0.13.

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) have uncovered a cyber campaign that signals a concerning evolution in the threat landscape: the rise of the "LLM-Enabled Developer." In-depth analysis suggests the actor behind an ongoing ClickFix campaign leveraged publicly documented advanced attack chains, powered by AI-generated code, to deploy a less sophisticated, but capable Node.js RAT.

Last week at the AI Security Summit, something profound happened. The first cohort of AI Security Engineers in the world earned their certification — a milestone that symbolized not just new skills, but a new mindset. For decades, security has been about control. Rules, gates, and policies that define what’s safe and what’s not. But the age of Agentic AI — systems that perceive, reason, act, and learn — is forcing us to evolve beyond static defenses.

The cloud has transformed collaboration. Teams now share documents, slides, spreadsheets, and more in real time, without worrying about content silos or email chains (a hotspot for inefficient sharing). For most files, it’s seamless. But here’s the reality: Not all work lives comfortably in the cloud. Designers, video editors, engineers, and data scientists are just a few of the professionals who depend on desktop native apps to do their best work.

For many companies, the choice comes down to resources. Running your own SOC requires significant investment in staff, training, and technology.

CrowdStrike has been named the Overall Leader in the 2025 KuppingerCole Leadership Compass for Identity Threat Detection and Response (ITDR), positioned furthest to the right. This validates our ongoing mission to secure every identity — human, non-human, and AI agent. We are recognized as a Leader across all key categories: Product, Innovation, Market, and Overall Ranking.

Does the world really need another study of shadow AI? That was my first thought going into this project. Reading dozens of previous reports did not change that impression: there's a lot of shadow AI out there, and a lot of reports saying so. But the more I read, the more apparent it became that something important was missing. This endless supply was not meeting what was actually in demand.

Six months after launch, Alfred, the AI Agent that autonomously builds security tests, has revolutionized our workflow. Alfred has delivered over 450 validated tests against high-priority threats (average CVSS 8.5) with 70% requiring zero manual adjustment, allowing our human security researchers to concentrate on more complex, high-impact issues. Now, we’re elevating Alfred’s capabilities by integrating real-world threat actor intelligence directly into its core system.