Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

One Click to Zero Trust: How Cato's Agentless Microsegmentation Blocks Lateral Movement and Simplifies Network Security

One click on a malicious email. One compromised device. That’s often all it takes for malware or ransomware to spread across an entire network in minutes. In other cases, attackers move silently for months before striking. Cato’s agentless microsegmentation stops lateral movement at its source, isolating each device and preventing threats from spreading before they cause real damage.

Designing the Future of Agentic AI: Cato Engineering Details a New Practical, Secure, and Scalable MCP Server Framework

Some of you may remember the early days of security, when setting up a firewall or antivirus felt like enough. It was simple and gave us a sense of control. But over time, we learned that security is a moving target. What once felt sufficient quickly became just the starting point. In today’s agentic AI era, many treat their Model Context Protocol (MCP) setups the same way. If it’s running and returning results, it feels good enough. But the AI landscape is evolving rapidly.

Security and Performance Issues, Handled: The Efficiency Power of Cato XOps

You’re an IT professional whose teams manage network and security. They face millions of alerts each day, from threat detections to access anomalies and from connection failures to latency spikes. Your costs are high: it’s been hard to scale your team to cope with the growing volume of events. But the stakes are also high. Miss the wrong operational alert and your network team gets swamped with tickets. Miss the wrong security alert and your whole business is exposed.

Cato CTRL Threat Research: New Streamlit Vulnerability Enables Cloud Account Takeover Attack and Stock Market Dashboard Tampering

Imagine financial analysts watching stock prices suddenly drop. Dashboards show misaligned data, market confidence disappears, and trading screens across the NASDAQ turn red. But this time, the disruption isn’t caused by politics or economic shifts. It starts with a cyberattack. We reveal how a simple and overlooked flaw in Streamlit’s file upload feature, part of a widely used open-source framework for building stock market dashboards, could be used to cause this kind of financial chaos.

ZTNA Alone Won't Win the Zero Trust Race. Here's Why.

In the race to secure modern enterprises, Zero Trust Network Access (ZTNA) is gaining speed, and has become the default remote access solution for many enterprises. But while ZTNA is a fabulous on-ramp to Zero Trust and a broader security strategy, it’s not enough to secure the win on its own. Operationalizing Zero Trust requires takes than just access control. It requires a security platform play: convergence, continuous risk evaluation, and visibility across every edge.

Cato CTRL Threat Brief: "ToolShell" Exploit Targeting Microsoft SharePoint Vulnerabilities

On July 22, 2025, Microsoft published an overview of a series of critical vulnerabilities affecting Microsoft SharePoint Server (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, and CVE-2025-53771). These vulnerabilities opened a dangerous window for threat actors to gain access to internal resources, execute code remotely, and take over SharePoint deployments.

Cato CTRL Threat Research: Analyzing LAMEHUG - First Known LLM-Powered Malware with Links to APT28 (Fancy Bear)

On July 17, 2025, Ukraine’s Computer Emergency Response Team (CERT-UA) publicly reported LAMEHUG, which is being documented as the first known malware that integrates large language model (LLM) capabilities directly into its attack methodology.

Inside Qubit Conference Prague 2025: Hacking Social Platforms and Securing AI

Qubit Conference Prague 2025 brought together some of the sharpest minds in cybersecurity—and Cato CTRL made sure to leave a mark. Not only did we share insights on AI-powered security, but we also marked a major milestone: the opening of our new R&D office in Prague. This expansion strengthens our global footprint and taps the best in the local engineering and development talent to help with the kinds of projects we present at Qubit.

Cato CTRL Threat Research: Investigation of RMM Tools Leveraged by Ransomware Gangs in Real-World Incidents

Remote Monitoring and Management (RMM) tools are essential for IT operations, but their powerful capabilities and trusted status within enterprise networks have also made them valuable to threat actors. In the second half of 2024 and first quarter of 2025, we uncovered a recurring pattern during a series of cyber forensic investigations and threat detections impacting two US-based organizations and one UK-based organization.

Cato CTRL Threat Actor Profile: IntelBroker

In June 2025, FBI New York and the U.S. Attorney’s Office for the Southern District of New York announced charges against “IntelBroker,” the online persona of 25-year-old British national Kai Logan West. IntelBroker operated one of the most sophisticated data brokerage operations documented in the recent history of cybercrime.