Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Organizations must develop robust programs to manage supply chain risks, both known and unknown, while prioritizing their most critical assets. Often referred to as the "crown jewels", these assets are the most valuable and vital to business success. Supply chain attacks exploit vulnerabilities in the network of suppliers, distributors, and other third-party partners to gain unauthorized access to sensitive data and systems.

When you type a familiar website address in your web browser, you expect to land on a particular webpage, but what if you are redirected to a fake website designed to steal your sensitive data? Cyber attackers trick your internet settings into sending you to fake websites instead of the real ones. This is called a DNS spoofing or poisoning attack which exploits vulnerabilities in the Domain Name System (DNS) to compromise the entire network.

In cybersecurity, the adage “what’s old is new” continues to hold true as attackers resurface longstanding techniques or repurpose them with new twists and adaptations. The popularization of Living Off the Land Binaries (LOLBins) — legitimate, Windows-native tools commonly abused for malicious uses — is a great example of this.

The average amount of money requested in business email compromise (BEC) attacks spiked to $128,980 in the fourth quarter of 2024, according to the Anti-Phishing Working Group’s (APWG’s) latest report. This is nearly double the amount requested during Q3 2024. The researchers found that Gmail accounts were used to launch 81 percent of BEC scams last quarter. The report also warns of a surge in SMS phishing scams impersonating toll operators in the US, driven by a popular Chinese phishing kit.

Data poisoning is a sophisticated adversarial attack designed to manipulate the information used in training artificial intelligence (AI) models. By injecting deceptive or corrupt data, attackers can hurt model performance, introduce biases, or even create security vulnerabilities. As AI models increasingly power critical applications in cybersecurity, healthcare, finance, and many other industries, maintaining the integrity of their training data is absolutely critical.

On March 14, 2025, a critical supply chain attack targeted the widely used GitHub Action tj-actions/changed-files. This action, utilized in over 23,000 repositories, was compromised when attackers injected malicious code, causing CI/CD pipeline secrets to be exposed in GitHub Actions logs. This breach raised serious concerns regarding the security of GitHub Actions and the importance of implementing robust security measures in CI/CD workflows.

In March 2025, several US federal agencies issued a joint warning on the phishing-based, ransomware-as-a-service (RaaS) threat group Medusa and are encouraging organizations to implement mitigations to reduce the likelihood of being impacted by an attack.