Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Kubernetes has become the foundation for modern applications—but with great flexibility comes greater complexity and risk. Whether it’s an accidental misconfiguration, a failed update, or a cluster-wide outage, disruptions happen fast—and when they do, they impact both your containers and the virtual machines (VMs) running alongside them. In these high-stakes moments, your recovery plan is what makes the difference between a brief hiccup and a full-blown disaster.

Arctic Wolf has observed an uptick in activity from the Silent Ransom Group, a cybercriminal group first identified in 2020 and notorious for its targeted cyber extortion campaigns driven by financial gain. This week, the group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue.

What a week it was in London! KubeCon + CloudNativeCon Europe 2025 had all the energy of a music festival for cloud-native tech — and it didn’t disappoint. I had the pleasure of hitting the ground with Kevin Jackson and Rodolfo Casas, and right from the start, it felt like we were back with our extended family.

The threat facing healthcare organizations worldwide is being recognized at the highest level, with the United Nations calling for international cooperation to combat the issue. The international organization has asked its members to support fellow member nations by providing technical assistance and guidelines to bolster the resilience of health infrastructure against attack.

As software development accelerates, cyberattacks are also growing more sophisticated. The result? Traditional security methods are often rendered ineffective. With reactive strategies and stretched resources, application security (AppSec) teams are under increasing pressure to secure apps without sacrificing speed and innovation. Artificial intelligence (AI) has quickly become the frontrunner solution, automating labor-intensive tasks, improving accuracy, and enabling proactive security measures.

Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security team has identified a major spike in SVG image-based attacks, where harmless-looking graphics are being used to hide dangerous links. This blog post analyzes the various techniques cybercriminals are using to cleverly weaponize these image files in phishing attacks and what your organization can do to prevent these pixel-perfect tricks.

Active Directory (AD) officially reaches its quarter-century this year, after its late-1990s preview and full release with Windows Server 2000. That’s over 25 years of providing administrators with tools to manage permissions, endpoints and access for network-based resources and objects. In that time, it’s grown to become the choice of around 90% of the Global Fortune 1000s.

In a recent social-engineering attack targeting the hospitality sector observed by the ThreatSpike team, there appears to be a change in the tactics employed by the threat actor. The hospitality sector, where top-notch customer-service is expected, customer-facing employees are often lucrative targets for phishing, as detailed in our previous blog post.

Securing PCI and PII data is at the core of what we do at Protegrity. You can try out Protegrity’s capabilities today, through our API Playground. This section walks you through some sample scenarios of de-identifying PCI data, so that it is removed from your environment and only reversed once it leaves it. To run this example, you have to be signed up to the Protegrity API Playground.