Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

LLM guardrails: Best practices for deploying LLM apps securely

Prompt guardrails are a common first line of defense against client-level LLM application attacks, such as prompt injection and context poisoning. They’re also a critical component of a full defense-in-depth strategy for LLM security at the infrastructure, supply chain, and application level. The specific guardrails that teams implement depend highly on use case, but they are typically designed to.

From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)

In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting Domain Controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from a standard domain user to SYSTEM level access, potentially compromising entire Active Directory environments.

The Future of Cloud Security: From CNAPP to CADR - Why ARMO Leads the Next Wave

The recently published 2025 Latio Cloud Security Market Report, authored by industry analyst James Berthoty, captures a major transformation: cloud security is leaving behind static visibility tools and moving toward runtime-driven risk reduction. The report traces five years of evolution – from dashboards full of misconfigurations to platforms that can detect, prioritize, and mitigate threats in real time. Six key insights define this new era.

How to Prevent Unauthorized Trackers and Cookies on Your Website

Every time someone clicks “accept cookies,” a new layer of risk begins. What appears to be a simple consent interaction can activate dozens of unseen third-party scripts that collect, share, or store user data beyond your control. For marketers, cookies power analytics and personalization. For privacy and security professionals, they often create compliance gaps and data-security blind spots.

Netwrix's Culture of Innovation - Unleashing AI

Netwrix’s culture of innovation thrives on curiosity, collaboration, and accountability. From integrating AI across development and customer experience to fostering cross-team creativity, innovation here moves sideways as much as it does down. During Innovation Week, leaders explore how AI and the 1Secure Platform are redefining data and identity security for the future.

Public Sector Ransomware Attacks Relentlessly Continue

In 2025, 36 years after the first ransomware attack was recorded, actors continue to zero in on the public sector, and there is no evidence they will slow down any time soon. In fact, our numbers suggest that ransomware attacks against government organizations are ramping up, causing crippling service outages, massive data loss, reputational damage, public distrust, and financial harm.

From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting

We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.

Why We Built Evo - From My Heart

I’ve spent my career building and defending. I’ve seen the beauty of innovation and the brutality of cyber warfare. I’ve sat shoulder-to-shoulder with security engineers and platform teams in the trenches at 3AM responding to state-backed attacks where context and speed meant survival. In those moments, one truth becomes painfully clear: With AI, that gap just became a chasm. Agentic AI didn’t bend the rules of software — it rewrote them. Code now evolves in real time.