Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malvertising campaign threatens global devices, a new XCSSET variant adds obfuscation and enhanced persistence, and an ongoing campaign uses fake GitHub repositories to spread malware.

Business email compromise (BEC) attacks rose 13% last month, with the average requested wire transfer increasing to $39,315, according to a new report from Fortra. “The average amount requested from BEC wire transfer attackers was $39,315 in February compared to $24,586 in January 2025, an increase of 60%,” the report says.

Though 2024 may be behind us, many of the security threats and vulnerabilities that organizations faced last year remain. The CrowdStrike Professional Services Red Team tracks them all in its efforts to defend organizations against adversaries. The three most common exploitation paths we encountered were: In this blog, we break down these three critical exploitation paths, detailing how they occur and what steps organizations can take to mitigate them.

The evolving landscape of state-sponsored threats demands the highest levels of security for federal systems and critical infrastructure. As part of our longstanding commitment to protecting federal agencies and critical infrastructure, the AI-native CrowdStrike Falcon platform has achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization — the U.S. government’s most stringent cloud security standard.

Today, we’re excited to share that Tines Workflow Automation is now available directly through Elastic. Countless mutual customers already benefit from combining Tines' orchestration and automation capabilities with Elastic Security and Observability, allowing them to strengthen defenses, ensure operational resilience, and maximize the return on their existing investments.

What is an ”AI agent”? Confusion abounds. There is also some consensus: agents must of course be AI-driven systems. They should have some degree of autonomy, and they should be able to use tools in addition to understanding and reasoning. But why isn't, say, ChatGPT an agent? According to most definitions out there, it actually is. Yet most (including OpenAI themselves) don’t describe it that way.

Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools like chatbots. Others, however, have integrated agentic AI directly into their business procedures and APIs. While both types of organizations are undoubtedly realizing remarkable productivity and efficiency benefits, they may not know they are putting themselves at a significant security risk.

Using unapproved tools, software, and devices poses a significant risk to your organization. You never know what vulnerabilities so-called “shadow IT” may introduce, leaving your sensitive data and systems exposed to potential threats. In this article, we define the term shadow IT and explore several reasons why employees use unapproved software.

Legacy DLP solutions, as well as CASB and app-native DLP solutions, face significant challenges in providing comprehensive coverage across modern SaaS, AI apps, and endpoints. Lack of visibility, clumsy deployments, and expensive implementations are common drawbacks of using these tools — and they leave big gaps in data loss prevention. Even today, we’re still seeing the same problems that have persisted for decades in today’s DLP solutions.

Cybersecurity investment is a critical balancing act between cost and protection. Threat intelligence is often seen as a crucial part of this equation, providing insights that help businesses anticipate and prevent cyber attacks. Yet when it comes to evaluating the return on investment (ROI) of threat intelligence, the focus often remains narrowly on its role in threat detection. This limited perspective misses the broader strategic value that high-quality intelligence brings.