Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every cloud platform needs a secure way to store API tokens, keys, and credentials — welcome, Cloudflare Secrets Store! Today, we are very excited to announce and launch Secrets Store in beta. We built Cloudflare Secrets Store to help our customers centralize management, improve security, and restrict access to sensitive values on the Cloudflare platform.

In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel’s elite Unit 8200 and explains why identity is now the new security perimeter.

Ransomware is no longer in its heyday. Evolving, AI-driven cybersecurity tools and global law enforcement efforts have seen to that. But that doesn’t mean ransomware is no longer a threat. In fact, in some ways, the danger is greater than ever. While ransomware attacks are less common than they used to be, the consequences of those that succeed are more severe. Earlier this year, the Ponemon Institute published a study revealing massive changes in the ransomware landscape.

Cyber fraud has skyrocketed from a growing concern to the leading driver of payment fraud in the UK, infiltrating most businesses in the country and exposing them to previously unimagined financial and operational risks.

At St. Louis TechWeek 2025, AI took center stage as industry thought leaders shared sessions warning about inputs, data health, and how agents are the new attack surface.

Developers worldwide continue to adopt AI to speed up software delivery. But this speed often impacts security, as developers assume AI-generated code is secure without thoroughly checking for errors or vulnerabilities.

In keeping with Bitsight's ongoing commitment to making its ratings more meaningful and more representative of an ever-changing Cybersecurity landscape, the Ratings Algorithm Update for 2025 is scheduled to go into preview on April 8, 2025. The highlight of RAU 2025 is the incorporation of the Web Application Security(WAS) risk vector into the Bitsight Security Ratings1, and the associated deprecation/removal of Web Application Headers(WAH) risk vector.

Hello from the Veracode Research blog! It’s been a minute since we’ve done a malware write-up, but we’re back and ready for action! And speaking of folks who are back and ready for action, the North Korean attackers behind the crypto wallet stealer campaign we wrote about in February of 2024 and again in May of 2024 are back at it with a new batch of malicious npm packages.

Jira sandboxes provide strategic leverage for the development lifecycle. Unfortunately for IT teams, migrating them to production environments is rarely straightforward. That means backups should be immediately pointed out as a vital part of the process. A smooth migration means tested changes in the sandbox are moved to the live system without errors. This makes the platform stable and minimizes potential problems.

As organizations increasingly depend on SaaS applications, IT teams struggle with visibility and governance. Shadow IT, unmanaged devices, and limited monitoring capabilities create blind spots, exposing enterprises to compliance violations, data exfiltration, and insider threats. Risks don’t come only from unsanctioned applications: even widely used SaaS platforms can become a security liability when not properly controlled.