Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Let’s stop pretending AI is going to save security. Sure, it’s going to help — it already is. But the idea that defenders will somehow “keep up” with attackers just because they both have access to generative AI is a fantasy. I come at this from a red-team mindset. I’ve spent years thinking like an attacker. Now I work at a blue-team company trying to defend real systems. And here’s what’s obvious to me: AI is going to let attackers move faster.

As part of the 2025 Trustwave Risk Radar Report: Hospitality Sector, Trustwave SpiderLabs' Digital Forensics and Incident Response (DFIR) team provided an in-depth analysis of how phishing-based cybersecurity threat actors prey on organizations in the hospitality sector. Drawing on real-world incidents derived from Trustwave SpiderLabs everyday work, the report consolidates data from multiple investigations into a single case study under the pseudonym "Five Star Hotels".

Debt, with very few exceptions, is a liability. It causes stress, amplifies risks, and can spiral into perilous predicaments. Companies employ accountants to mitigate financial debt risks, but they often overlook a similar and equally dangerous risk: accumulating “Cyber-Debt.”

Cyber threats (also known as cybersecurity threats) are events, actions, or circumstances that have the potential to negatively impact an individual or an organization by taking advantage of security vulnerabilities. Cyber threats can affect the confidentiality, integrity, or availability of data, systems, operations, or people’s digital presence.

It’s no secret that the healthcare industry has a fraught relationship with cybersecurity. Despite being highly regulated, healthcare companies are hot targets for hackers. The wealth of patient data healthcare companies often possess sells for a premium on the dark web, and hackers have an opportunity to yield high ransom payouts due to the criticality of healthcare systems and services. After all, lives may truly be at stake amid a healthcare breach.

A Self-Assessment Questionnaire (SAQ) is a validation tool used by merchants and service providers to prove their compliance with the Payment Card Industry Data Security Standard (PCI DSS). Instead of undergoing a full audit, eligible businesses complete an SAQ based on how they handle payment card data. There are multiple SAQ types, each tailored to specific merchant environments. Choosing the wrong one can lead to compliance gaps and potential penalties.

On May 21, 2025, ProjectDiscovery published technical details for multiple vulnerabilities they discovered in Versa Concerto, including authentication bypasses, remote code execution (RCE), and container escapes. Versa Concerto is a centralized management platform used to manage Versa’s SD-WAN and SASE services. It is a Spring Boot-based application deployed via Docker containers and routed through Traefik.

The FBI has issued an alert on a wave of phishing attacks targeting Middle Eastern students who are studying in the US. The campaign has targeted students from the United Arab Emirates (UAE), Saudi Arabia, Qatar, and Jordan. The scammers impersonate government officials and claim there is an issue with the student’s visa.

Many organizations, after a period of relative quiet, might believe the ransomware bubble has burst. The headlines may have shifted, and other emerging cyber threats might seem to dominate the news cycle, but recent data from Marsh's 2024 UK cyber insurance claims report suggests otherwise. It paints a stark picture of an ongoing and evolving threat landscape. While claims decreased by 20% compared to 2023, they remained significantly higher than in previous years.

Many of today’s most damaging scams are built on repeatable, well-understood patterns. The legal world defines four core elements of fraud with direct applicability to today’s phishing, impersonation, and account takeover (ATO) threats: By understanding this structure, security leaders and fraud teams can spot threats earlier and counter them more effectively.