Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I have been writing about the need to better train our programmers in secure coding practices for decades, most recently here and here. At least a third of data compromises involved exploited software and firmware vulnerabilities and we are on our way to having over 47,000 separate, publicly known vulnerabilities this year. There are at least 130 new vulnerabilities learned and publicly reported every day, day after day. That is a lot of exploitation. That is a lot of patching.

Google’s Mandiant has published guidance on defending against an ongoing wave of social engineering attacks targeting organizations’ Salesforce instances. The organized criminal gang tracked by Google as “UNC6040” has been using voice phishing attacks to trick employees into granting access.

The financial services industry operates in one of the most heavily regulated environments in the business world. With sensitive client data flowing through every transaction and communication, financial institutions face an increasingly complex web of compliance requirements that can make or break their operations. Traditional approaches to data governance simply aren't cutting it anymore. The Perfect Storm of Regulatory Challenges.

Containers have transformed how modern applications are built and deployed. They’re lightweight, portable, and allow teams to move software from development to production faster than ever before. But as adoption has accelerated, so have security concerns. From vulnerable base images to exposed Kubernetes clusters, container security has become a top priority for AppSec and DevSecOps professionals.

As education platforms embrace DevOps, missing backups in the overall data protection strategy will expose systems to outages, data corruption, ransomware attacks, and prolonged recovery times. Let’s break down how backing up data securely can shield education technology, with immutable storage, unbreakable encryption keys, and flexible recovery. and what problems organizations may face when backup and disaster recovery of such critical systems is overlooked.

Attackers exploit fragmented access controls and security blind spots to silently escalate their presence and prepare for data theft. The initial breach is usually only the start – what comes next will have a greater impact. Once an attacker compromises a single endpoint, the focus quickly shifts to expanding reach, moving laterally, elevating privileges, and staging data theft. If access controls are inconsistent or overly permissive, this becomes easy.

Your CI/CD pipeline may also be the rocket that propels your business, but it can also be the silent killer that will blow up all that you have created. Think about it. You have automated code builds, testing, and deployments. Your people are driving features at light speed. Customers are happy. Revenue is growing. But beneath the surface? A single crack will cause the entire system.

CornCon 11 emphasized security basics, real-world risk alignment, and sustainable practices to help teams build resilient programs in today’s complex threat landscape.

From human hands to autonomous agents: tracing the evolution of how work gets done Workflows are the hidden engine behind every organization. Whether it’s resolving a security incident, provisioning a new hire, or onboarding a new client, these sequences of tasks are what turn intent into action. But workflows didn’t always look the way they do today. Today, we’re exploring how workflows evolved from manual, human-led steps to powerful AI-driven systems.

This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs Threat Operations team on major threat actor groups and malware currently operating globally.