Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

From Firefighting to Future-Proof: Why IT Needs an Organizing Principle

IT and security leadership faces daily pressures to respond swiftly to emerging challenges. This often leads to tactical, short-term decisions aimed at extinguishing immediate fires. Although these responses may address urgent concerns temporarily, they rarely provide lasting value or strategic clarity.

What You Need to Know about the PayPal Data Breach

PayPal was established in 1998 by Peter Thiel, Luke Nosek, and Max Levchin. The application's goal was cybersecurity for handheld devices before pivoting to a digital wallet. It merged with X.com in 2000 and was later rebranded for online payment systems. After spinning off from eBay in 2015, the platform expanded globally to democratize financial services to ensure everyone can access convenient products.

Beyond the Hype: What True API Security Leadership Looks Like

In our previous post, we highlighted a key insight from the 2025 KuppingerCole Leadership Compass: securing AI depends on securing APIs first. The report emphasizes that as AI use grows, the attack surface for APIs becomes more complex and risky. With many solutions available, navigating vendor claims can be challenging, making independent expert analysis extremely valuable.

The Business of Malware: Inside the MaaS Economy

In our 2025 State of the Underground report, we found that 384 unique varieties of malware were sold across the top three criminal forums in 2024, a 10% increase from 349 in 2023, signifying an expansion in the underground malware marketplace. These figures reflect malware explicitly offered for sale (not shared freely), and each distinct version or naming variation is counted independently.

68% of cyberattacks start with stolen credentials

More than 16 billion passwords, cookies and tokens were recently exposed in one of the largest data breaches in history. The scale of the theft, with data from services including Google, Apple, Facebook, Amazon and Microsoft, makes one conclusion clear: credentials are the first step in compromising critical data.

Malicious ScreenConnect Campaign Abuses AI-Themed Lures for Xworm Delivery

During a recent Advanced Continual Threat Hunt (ACTH) investigation, the Trustwave SpiderLabs Threat Hunt team identified a deceptive campaign that abused fake AI-themed content to lure users into executing a malicious, pre-configured ScreenConnect installer.

8 Malicious npm Packages Deliver Multi-Layered Chrome Browser Information Stealer

Open-source software repositories have become one of the main entry points for attackers as part of supply chain attacks, with growing waves using typosquatting and masquerading, pretending to be legitimate. The JFrog Security Research team regularly monitors open-source software repositories using advanced automated tools, in order to detect malicious packages.

Shared Workstations Expose Your Production Business: Here's How to Protect Them

Shared workstations are essential to productivity in manufacturing, but they can also create blind spots in your organization’s security. Inadequate identity verification, poor security practices, and a lack of accountability make them a prime target for ransomware, phishing, and insider attacks. Security leaders often aren’t sure about where to begin when securing shared workstations.

Mitigating Security Risks in Low-Code Development Environments

I still remember the soft whir of the server room fans and that faint smell of ozone when we, a team of cybersecurity analysts, traced a spike in traffic to a “harmless” low-code workflow. A store manager had built a nifty dashboard to pull sales numbers. It looked tidy, almost playful – boxes, arrows, green check marks. Under the hood, it was hitting an internal API without proper authentication.

CrowdStrike Named a Leader in 2025 IDC MarketScape for Worldwide Incident Response Services

CrowdStrike has been named a Leader in the IDC MarketScape: Worldwide Incident Response Services 2025 Vendor Assessment. We believe this validation reflects CrowdStrike’s strength in delivering rapid, effective response, powered by the AI-native CrowdStrike Falcon platform, frontline breach expertise, and a global 24/7 incident response model designed for today’s most advanced threats.