Is the Stack the Real Problem?
What if the solution stack itself is broken? Complexity isn’t inevitable — it’s the enemy. Stop polishing the broken model.#CyberSecurity.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Faster, Smarter, Autonomous: Cloud Security with Wiz + Torq
Torq AMP spotlights the partners redefining what’s possible in security operations. Each partner brings a unique strength that seamlessly extends Torq’s autonomous SOC platform. Together, these partnerships help SOC teams achieve speed, accuracy, and scale that were once out of reach. Explore the future of SOC in the AMP’d Sessions video series. Cloud has changed everything: how we build, how we deploy, and how attackers strike.
Advanced Banking Trojan Maverick Uses WhatsApp to Prey on Brazilian Users
The BlueVoyant Security Operations Center (SOC) and Threat Fusion Cell (TFC) researchers recently analyzed attacks of an adversary targeting users based in Brazil via WhatsApp. The attack lures users into downloading a zip archive. The zip archive contains a shortcut file (.lnk) which ultimately downloads and executes a banking trojan which BlueVoyant researchers have dubbed Maverick internally based off the naming convention used by the attackers.
What is MCP. Demo with Dina Kozlov (Paypal, Stripe, and more)
Clip from a episode from late May 2025 about MCP (Model Context Protocol) servers. Cloudflare Product Manager Dina Kozlov goes into live MCP demos, practical use cases, and a look at how companies like Stripe, PayPal, and Anthropic are getting involved.
Splunk Attack Analyzer Feature Video: Following Complex Attack Chains
Learn how Splunk Attack Analyzer saves analysts time and enhances SOC efficiency by automatically analyzing complex attack chains.
Using Sigma rules in EventSentry
Shows how to create EventSentry event log filters based on Sigma rules, along with a short overview of Sigma rules in general.
Red Hat Targeted in Massive Data Leak After Scattered LAPSUS$ Hunters Joins Forces with Crimson Collective
Researchers at Foresiet are actively investigating a major data leak targeting Red Hat, following claims made by Scattered LAPSUS$ Hunters, who have reportedly joined forces with the Crimson Collective, following claims made by the Scattered LAPSUS$ Hunters, who have reportedly teamed up with the Crimson Collective.
Iframe Payment Security Risks and PCI DSS 6.4.3 Best Practices
Many teams assume that embedding payment forms in an iframe keeps them compliant with PCI DSS 4.0.1, Requirement 6.4.3. The reasoning sounds logical – compliance seems guaranteed if card data never reaches your infrastructure. However, iframe payment security PCI DSS 6.4.3 doesn’t work on assumptions; it works on control. The responsibility shifts to new layers of your website’s supply chain.
4 Common Myths About DevSecOps Debunked
DevSecOps is often discussed as the solution for integrating security into rapid development cycles. Yet, misconceptions about what it is and how it works can prevent teams from adopting it. As an engineering manager, you need to balance speed with quality, and introducing a new methodology can seem disruptive. The truth is, a well-implemented DevSecOps framework doesn’t create bottlenecks; it removes them. It empowers your team to build secure, high-quality software faster.
Avoiding Cyber Scams
In honor of Cybersecurity Awareness Month, we’re focusing on ways to avoid cyber scams. It may sound simple, but it isn’t, especially since cybercriminals are getting more and more clever in their methods. Scams can come in many forms, from fake emails to fraudulent websites, and they can be hard to spot if you’re not careful.