Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Multi-agent systems (MAS) are reshaping industries from IT services to innovative city governance by enabling autonomous AI agents to collaborate, compete, and solve complex problems. This powerful transformation comes with a cost. As multi-agent systems grow, their risks also increase, opening the door to adversarial manipulation, emergent vulnerabilities, and distributed attack surfaces.

As part of the 2025 Trustwave Risk Radar Report: Hospitality Sector, Trustwave SpiderLabs' Digital Forensics and Incident Response (DFIR) team provided an in-depth analysis of how phishing-based cybersecurity threat actors prey on organizations in the hospitality sector. Drawing on real-world incidents derived from Trustwave SpiderLabs everyday work, the report consolidates data from multiple investigations into a single case study under the pseudonym "Five Star Hotels".

As the summer travel season approaches, travelers worldwide are busy booking their holidays, entrusting the hospitality industry with some of their most sensitive personal and financial information. Unfortunately, this makes the sector a prime target for threat actors looking to exploit and steal this data. To help organizations in the hospitality sector address these risks, Trustwave SpiderLabs has released the 2025 Trustwave Risk Radar Report: Hospitality Sector.

The summer travel season is almost here, and travelers worldwide are in the process of booking their holidays, thus placing some of their most vital personal and financial information into the hands of the hospitality industry. A fact not lost to threat actors who thrive on gaining access and stealing this data.

Modern cloud ecosystems often place a single identity provider in charge of handling logins and tokens for a wide range of customers. This approach certainly streamlines single sign-on (SSO) for end users, but it also places enormous trust in a single set of signing keys. If those private keys are compromised, attackers can create tokens that appear valid to any service that relies on them.

Trustwave has introduced MailMarshal Integrated Cloud. A new email security offering which is designed to deliver advanced, layered protection for organizations using Microsoft 365. MailMarshal Integrated Cloud is a cloud-native solution that provides a seamless, API-led security layer that enhances resilience against sophisticated email threats, making it even easier for organizations operating in a Microsoft 365 environment to create a layered defense.

Scattered Spider, aka UNC3944, is switching the focus of its retail-oriented attacks from the UK market to the US, according to published reports. At this time, no US retailers have been named as targets, but the alleged Scattered Spider activity is a clear sign retailers in the US and worldwide need to prepare.

Dependency management is one of the biggest challenges in modern software development. Large projects often rely on dozens or even hundreds of libraries. Each one can introduce new vulnerabilities or even malicious code. Attackers sometimes upload fake packages to popular open-source repositories, hoping that build systems will download these packages automatically. This problem is made worse by transitive dependencies, where a single library might include several other libraries under the hood.

Trustwave SpiderLabs’ upcoming report, the 2025 Trustwave Risk Radar Report: Hospitality Sector, will be released on May 21 and will delve into the latest threat landscape, highlighting critical vulnerabilities and offering actionable insights to help hospitality businesses stay secure. The report notes that the hospitality industry has become a prime target for cybercriminals, with threats growing in volume and sophistication.

At a recent Sydney luncheon, Trustwave sat down with a room of senior security leaders to dig into the evolving role of red and purple team testing in a modern technical security assurance program. The discussion was led by Trustwave's Craig Searle, Director of Consulting & Professional Services in Pacific at Trustwave and TJ Acton, Director of SpiderLabs Testing, Pacific. More than 20 Sydney-area security professionals attended the event at Restaurant Huberts.