
Attackers Aren't Hacking In Anymore, They're Logging In

For years, cybersecurity strategy has been built around a simple idea: keep attackers out. Stronger perimeters. Better firewalls. More advanced endpoint protection. Smarter email filtering. But the latest insights from the Microsoft Digital Defense Report tell a very different story. Attackers aren’t breaking in. They’re logging in.

How Fidelis Deception Helps Defend Against AI-Accelerated Intrusions

AI-powered attackers are faster and more systematic than ever. But they still trust what they see. Deception technology controls what they see. 87% of security leaders say AI-related vulnerabilities grew faster than any other risk in 2025. 44% year-over-year rise in exploitation of public-facing applications in 2025. 300K+ AI platform credentials exposed via infostealer malware on dark web in 2025.

TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack

On May 11, 2026, between 19:20 and 19:26 UTC, 84 malicious npm package artifacts were published across 42 packages in the @tanstack namespace. The packages were not published by an attacker who stole credentials; they were published by TanStack's legitimate release pipeline, using its trusted OIDC identity, after attacker-controlled code hijacked the runner mid-workflow. The malicious versions spread to Mistral AI, UiPath, and dozens of other maintainers within hours.

DDoS Protection for Insurance: Always-On Defense for Claims, Quotes & APIs

According to the State of Application Security 2026, insurance platforms saw a 115% increase in attacks per website. DDoS attacks per site rose by 143%, targeting critical periods like claim processing and policy renewals. In an industry built on trust, availability is a business promise. Even brief downtime disrupts revenue and compliance, making always-on DDoS protection a core requirement for insurance resilience.

Top tips: How you can shrink the time between a vulnerability and an attack

Top tips is a weekly column where we highlight what’s trending in the tech world and share ways to stay ahead. This week, we’re looking at how the gap between a vulnerability and an attack is shrinking rapidly. A vulnerability is discovered. It could be a small bug, a missed update, or a gap in how a system is configured. It gets reported, documented, and sometimes even publicly disclosed. For a long time, there used to be an extended window between discovery and attack.

How Attackers Use Developer Machines to Breach the Software Supply Chain - May 07, 2026

In April, three major supply chain campaigns hit npm, PyPI, and Docker Hub in just 48 hours, and while the ecosystems were different, the objective was the same: steal credentials from developer environments and CI/CD pipelines. The malware targeted API keys, cloud credentials, SSH keys, GitHub tokens, npm tokens, environment variables, and more, turning developer machines and build systems into high-value credential vaults for attackers.

Zero-Day Attacks and How to Protect Your Systems from Them

Zero-day attacks are one of the most serious threats in cybersecurity. They target unknown software weaknesses and can cause damage before anyone is aware of the issue. It is important to understand how these attacks work to better protect systems and data. A zero-day attack exploits a software vulnerability that is unknown to the developer but already known to attackers. The attacker tries to exploit the vulnerability before the concerned team can identify and apply a patch to fix it.

2026 Public Sector Cyber Attacks and Data Breaches

In 2026, the public sector continues to face numerous cyber attacks, with data breaches often exposing sensitive information, disrupting essential services and undermining public trust. From municipal governments to federal agencies, public sector organizations of all sizes face challenges from threat actors exploiting outdated systems, human error and expanding digital footprints. These incidents are more than isolated security failures.

What is Credential Theft? How Attacks Work, Their Business Impact, and How to Prevent Them

Almost every system today, including cloud platforms, SaaS tools, and enterprise apps, relies on identity to control who gets in. That shift has made login credentials one of the most valuable things an attacker can get their hands on. A single compromised account can be enough to move through an entire network, access sensitive data, and stay hidden for weeks without triggering an alarm.