Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The AI Agent Security Summit 2025 brought together a vibrant community of security leaders, consultants, professionals, thought leaders, and vendors to discuss the unique security risks, obstacles, and solutions facing today's enterprises. The Summit was marked by an amazing turnout and engagement from the audience, presentations that centered around attack pathways, practitioner insights, and actionable solutions, and enlightening conversations that left attendees inspired and informed.

JUMPSEC have detected and tracked a new phishing attack campaign targeting numerous industrial sector organisations, predominately in engineering, construction, and energy sectors in the UK and US, where threat actors have consistently used a common and identifiable AITM (Adversary in the Middle) phishing kit throughout March 2025. At-risk organisations should take steps to reduce the risk of compromise as the infrastructure detailed below continues to be leveraged by threat actors.

In today’s rapidly evolving digital ecosystem, organizations are entrusted with an unprecedented volume of data. As cyber threats become more sophisticated and compliance demands grow increasingly stringent, establishing a strong information security posture has never been more critical. ISO/IEC 27001, an internationally recognized standard, serves as the foundation for building a comprehensive Information Security Management System (ISMS).

When was the last time your business or enterprise tested its defenses with a real-world attack simulation? If the answer is never—or more than a year ago—your company may be more vulnerable than you think. Regular penetration testing by an expert team like Cybriant is one of the most effective ways to uncover and fix security weaknesses before attackers exploit them. Interested in learning more? Read on.

We are excited to announce the launch of Veracode Threat Research, a new initiative to counter software supply chain threats. Thanks to the acquisition of Phylum, Inc., we are now equipped with cutting-edge technology and a wealth of expertise to revolutionize how we secure the open-source ecosystem and protect your developers from novel attacks.

Trustwave MailMarshal fortified its position as a leading secure email gateway by being named a Top Player in Radicati’s Secure Email Market Quadrant 2025 report. This is the second consecutive year that Radicati has recognized Trustwave MailMarshal for its ability to protect organizations from email-based attacks.

The history of penetration testing begins with military strategies used to test enemy defenses. Over time, this evolved into a formal practice for identifying vulnerabilities in computer systems. This article traces the brief history of of penetration testing, from its early conceptual roots in military exercises, through the rise of ‘Tiger Teams’ in the 1970s, to the sophisticated tools and methodologies in use today.

On March 21, 2025, CrushFTP privately alerted customers to a critical authentication bypass vulnerability, now tracked as CVE-2025-31161. Since the initial disclosure, a proof-of-concept (PoC) exploit has been made publicly available, and the CrushFTP CEO has confirmed observing customer compromises via CVE-2025-31161.