Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Developers now chart courses through environments as dynamic and unpredictable as open skies, plotting efficient courses through shifting clouds of technology to reach ambitious goals. Increasingly, AI assistants are copilots on these journeys—streamlining workflows, reducing repetitive tasks, and enabling teams to navigate more complex terrain with speed.

The June 2025 disclosure that over 16 billion passwords were leaked has raised significant concerns in the digital community. Reports suggest that many of these credentials are recycled from previous breaches, with a significant number used for business access. This massive data breach highlights the urgent need to strengthen password security. Don’t wait for the next breach to act. Follow these steps to safeguard your data today.

At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures (CVEs) related to CyberArk Secrets Manager, Self-Hosted (formerly Conjur Enterprise) and Conjur Open Source (OSS). We regret the challenges this situation may pose to our customers and reaffirm our commitment to supporting them through the resolution process.

What does it take to stay calm in the face of constant cyber pressure—and why does that mindset matter more than ever? In this episode of Security Matters, host David Puner speaks with Den Jones, founder and CEO of 909Cyber, about his transition from enterprise chief security officer (CSO) to cybersecurity consultant.

Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most organizations can manage. According to the CyberArk 2025 Identity Security Landscape, 9 out of 10 organizations report a successful identity-centric breach, with relentless and sophisticated bad actors continuing to target identities. Machine identities now outnumber human identities by an astonishing 82:1.

Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the last few months, the group has escalated its activity—targeting financial services and launching coordinated ransomware campaigns that have crippled operations and exposed sensitive data.

Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires and stayed out of the drama. So, when the CISO asked for a “quick chat,” he braced himself. “Alex,” she said, with zero preamble, “we’ve had too many close calls lately.

Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now. The message for CISOs and security leaders is simple: If you’re not preparing now, you’re already behind. As we say in Brazil, “Melhor prevenir do que remediar” or “better to prevent than remediate.”

In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware developers to quickly modify their malware to adapt to the latest protections. In the new era of cookie protection, infostealer malware either need direct access to the Chrome process or to run with elevated privileges.