Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

cyberark

EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Dec 16, 2025 By CyberArk In CyberArk
In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.
Read Post
Arctic Wolf

New Attack Technique "ConsentFix" Hijacks OAuth Consent Grants

Dec 16, 2025 By Andres Ramos In Arctic Wolf
On December 11, 2025, Push Security published research detailing a newly observed browser-based phishing technique called ConsentFix. The name ConsentFix is derived from its similarity to the previously documented ClickFix technique using fake CAPTCHA pages. ConsentFix, enables threat actors to gain cloud account access without capturing passwords, multifactor authentication (MFA) codes, or other credentials by abusing legitimate OAuth authentication and consent flows.
Read Post

Are LLMs becoming messengers for attackers? #ai #cybersecurity

Dec 16, 2025 By LimaCharlie In LimaCharlie
AI assistants with broad enterprise access are creating a new attack vector. Chris Luft and Matt Bromiley discuss the Gemini Jack vulnerability, where attackers used prompt injection to turn Google's AI assistant into an unwitting accomplice in data exfiltration. The attack embedded hidden instructions in documents or emails. When employees asked Gemini normal questions like "show me our budgets," the AI retrieved the poisoned document and executed the attacker's commands without anyone clicking anything.
View Video

EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

Dec 16, 2025 By CyberArk In CyberArk
In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.
View Video
cato networks

Cyberattack on the Sun: Threat Actors Manipulate Solar Panel Systems; Agentic AI Increases the Risk

Dec 15, 2025 By Dr. Guy Waizel In Cato Networks
Millions of homes, businesses, and hospitals depend on solar power, a clean and cost-effective source of renewable energy. Adoption has accelerated worldwide thanks to major government initiatives such as the Inflation Reduction Act (IRA) in the U.S., the Renewable Energy Directive (RED II) in the EU, the Smart Export Guarantee in the UK, and Australia’s Small-scale Renewable Energy Scheme (SRES). As clean energy infrastructure expands, a new vulnerability is emerging.
Read Post
levelblue

Predictions 2026: Surge in Agentic AI for Attacks and Defenses

Dec 15, 2025 By LevelBlue In LevelBlue
Over the years, cybersecurity predictions tend to all sound the same. Ransomware attacks will continue, supply-chain incidents will increase, and phishing will remain a problem. However, the tail end of 2025 and 2026 presented the cybersecurity industry with a new concern, Agentic AI. Agentic AI capabilities far exceed the basic AI concerns that were reported in the past. Its ability to make decisions and take actions on its own, without needing a human to approve every step, is a game-changer.
Read Post
cloudflare

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

Dec 15, 2025 By David Belson In Cloudflare
The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view.
Read Post

How to Prevent Fileless and In-Memory Attacks with Aurora Endpoint Defense

Dec 12, 2025 By Arctic Wolf Networks In Arctic Wolf
See how Aurora Endpoint Defense prevents advanced memory and script-based attacks before they disrupt your business. Using Alpha AI, Aurora Endpoint optimizes threat detection and response while reducing analyst workload resulting in stronger protection and less operational strain.
View Video
safeaeon

How to Avoid Phishing Attacks: A Complete Guide for Users and IT Teams

Dec 11, 2025 By SafeAeon Inc. In SafeAeon
Phishing remains one of the most common cyber threats, affecting users across industries and regions. It targets human behavior rather than technology, which makes it more effective than many other attack methods. Now, attackers are using advanced tools, like AI, to make phishing more effective. To know how to avoid phishing attacks, you must understand how they work and the different forms they take.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.