Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Starting February 2025, Netskope Threat Labs has tracked and reported on multiple phishing and malware campaigns targeting victims searching for PDF documents on search engines. Once they open the PDFs, the attackers employ various techniques to direct these victims to malicious websites or trick them into downloading malware.

Discover how BSidesSD 2025 challenged traditional GRC, spotlighted data poisoning, and promoted human-driven security insights. Read our highlights from this community event.

Microsoft Power Platform, specifically Power Automate and Copilot Studio, makes it easy for organizations to quickly build automations and AI agents. To keep them secure and compliant, Tenant Isolation is a critical feature designed to prevent unauthorized cross-tenant communication. However, in our latest research, we discovered a high-severity vulnerability that bypasses Tenant Isolation policies using the HTTP Connector - potentially exposing sensitive data and enabling unauthorized actions.

Traditional email authentication mechanisms like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are great for getting started. They are like the first step to verifying email senders and combatting tampering. However, they don’t solve the entire problem. Attackers may still manipulate the “From” address, evade SPF checks using intermediary servers, or exploit misconfigured DNS (Domain Name System) records.

If you’ve started exploring how to secure AI agents in your environment (or even just reading about it), you likely already know that it’s not as straightforward as applying traditional AppSec practices. AI agents aren’t just another workload or API to monitor, they’re dynamic, semi-autonomous entities operating at the intersection of user intent, agent behavior, and enterprise systems. And not all AI agents are created equal or secure.

Think of your organization’s cybersecurity as a combination of a shield and a sword. The shield represents proactive incident response – your first line of defense that anticipates and prevents potential threats. This could include app security tips or best practices for business cybersecurity, which work to prevent incidents before they occur through continuous monitoring, threat hunting, and vulnerability assessments.

API keys and passwords are the keys to digital kingdoms, granting access to an organization’s most valuable systems and data. Traditional data loss prevention (DLP) systems often fall short in their attempts to protect sensitive data and secrets, leaving security teams overwhelmed with false positives and noise. At Nightfall, we understand these challenges and the evolving threat landscape across SaaS and endpoints.