Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Role of Tabletop Exercises in IR Planning

Stopping a cyber incident and restoring operations requires more than technology — it depends on having the right plans, people, and processes working together under pressure. Effective incident response (IR) readiness helps position your organization to act with precision to contain threats, prevent escalation, and return to normal operations quickly. A cornerstone of a mature IR strategy is the tabletop exercise.

Brazilian Caminho Loader Employs LSB Steganography and Fileless Execution to Deliver Multiple Malware Families Across South America, Africa, and Eastern Europe

Arctic Wolf Labs has identified and analyzed a new malware loader we’re calling Caminho, a Brazilian-origin Loader-as-a-Service (LaaS) operation employing Least Significant Bit (LSB) steganography to conceal .NET payloads within image files hosted on legitimate platforms.

API Security: Challenges for a Secure Digital Frontier

Organizations continue their digital transformation, with APIs now serving as the main communication links between applications, platforms, services, and partners. The widespread use of APIs introduces new security risks despite their common presence. The growing number of APIs significantly increases the cyber risks that security teams must address as they keep up with technological advances.

What You Should Know About the CloudCasa October 2025 Feature Update

The latest CloudCasa Feature Update introduces a range of powerful new features and improvements that every user should know about. This release delivers major advancements in Kubernetes disaster recovery and backup flexibility, helping organizations recover faster, simplify management, and protect workloads across diverse environments.

Ransomware Reality: Business Confidence Is High, Preparedness Is Low

Every organization faces ransomware, but not every organization is prepared to handle it. The CrowdStrike State of Ransomware Survey explores the substantial gap between confidence in global businesses’ ransomware readiness and their actual preparedness — a gap poised to grow as adversaries use AI to launch faster, stealthier attacks.

New User Experience Transforms Interaction with the Falcon Platform

Security teams face overwhelming complexity. Enterprises employ a multitude of security tools, each with its own console, siloed data, and disconnected workflows that slow investigations and increase risk. This fragmentation is especially dangerous as adversaries grow faster and smarter and pursue cross-domain attacks.

CVE-2025-6515 Prompt Hijacking Attack - How Session Hijacking Affects MCP Ecosystems

JFrog Security Research recently discovered and disclosed multiple CVEs in oatpp-mcp – the Oat++ framework’s implementation of Anthropic’s Model Context Protocol (MCP) standard. Among these, CVE-2025-6515 stood out due to its potential threat of hijacking MCP session IDs. Within the context of MCP we’ve dubbed this new attack technique “Prompt Hijacking”.

AI at Work: How Egnyte Intelligence Goes Beyond Generic Tools

AI isn’t the future, it’s here. Your CEO’s talking about it in board meetings. Your manager wants to know if it'll save time or just add more work. And you? You're wondering if it's going to make your job easier or just add noise. The excitement is justified. McKinsey says nearly 80% of companies are using AI somewhere in their business. But here's what most people miss: very few have gotten it to work across their entire organization. Why?

Yet Another SMB-Related CVE

CISA has just added a new CVE regarding SMB, with a very high CVSS rating. CVE-2025-33073 is a high-severity (CVSS 8.8) vulnerability in the Windows SMB client caused by improper access control (CWE-284). An authenticated attacker can exploit it over the network to gain elevated privileges. Microsoft has issued guidance on how it should be patched and CalCom recommends this be done immediately.

47-day TLS certificates: What's changing and how to prepare

Trust is the foundation of the digital world. Every time a customer visits a website, processes a financial transaction, or connects to a business application, that trust is validated by TLS certificates. For years, TLS certificate lifespans stretched comfortably to 13 months or longer, giving teams ample time to track and renew them before they expired and caused an application outage. In some situations, even manual renewals were viable for longer lifespan certificates. That era is ending.