Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you were online yesterday, you probably noticed that a surprising amount of the internet simply wasn’t there. Uber, X, Canva, ChatGPT, and dozens of others all began returning internal server errors. For a few hours, it looked like the web had taken the afternoon off. As usual, the immediate assumption was that someone must be attacking the internet. Even Cloudflare initially suspected a large-scale DDoS event. When many unrelated services break at once, it often signals malicious activity.

We’re excited to announce the launch of our MCP server for Apono administrators — giving security and DevOps teams the ability to surface complex access data instantly, without the endless API queries, spreadsheets, or manual digging that slows everyone down. Admins are the guardians of access. But when they need answers like “Which users are included in this access flow?” or “Who has access to production?”, getting that data today can take hours.

NEW YORK – November 18, 2025 – Apono, the cloud identity-security company pioneering Zero Standing Privilege (ZSP) access management, today announced a $34 million Series B led by U.S. Venture Partners (USVP), with participation from Swisscom Ventures, Vertex Ventures, 33N Ventures, and existing investors. The round brings Apono’s total funding to more than $54 million. Over the past year, Apono established product-market fit with a fourfold increase in client count.

New research out of AhnLab documents the Cephalus ransomware group has been aggressively exploiting stolen Remote Desktop Protocol (RDP) credentials to break into networks and execute rapid, destructive encryption campaigns. The pattern is straightforward and brutal: credentials get you in, and once inside the attackers move fast to blind and break recovery.

Privileged accounts are often treated as background plumbing until something goes wrong. They sit across cloud consoles, databases, and pipelines and have the power to alter configurations or bring production to a halt, making them a favorite target of bad actors. Credential theft surged 160% in 2025, making stolen identities one of the fastest-growing attack vectors.

Breaking down the trade-offs between API integration and proxy gateways for modern access management The way organizations manage access has fundamentally shifted. In the past, infrastructure was mostly static—centralized data centers, long-lived servers, and predictable traffic patterns. You could rely on VPNs, firewalls, and a fixed set of roles in your identity provider. Access paths were clear, and change was infrequent. But that’s no longer the case.

How context‑aware, short‑lived roles eliminate privilege sprawl and accelerate secure engineering without overburdening admins Access management for remote resources has come a long way from VPNs and bastion hosts. The rise of cloud platforms, microservices and remote workforces has driven a shift toward Cloud-native security controls that integrate directly with AWS, Azure, GCP and Kubernetes.

New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.

AI is rewriting the rules of privileged access, but the rise of AI agents is creating a governance crisis. Threats like credential stuffing and privilege escalation are now accelerated by autonomous systems moving faster than humans can react. 82% of companies deploy autonomous AI agents, but 23% of IT teams admit those bots have already been tricked into revealing credentials—and fewer than half have guardrails in place. In modern infrastructure, machine identities now outnumber humans 80:1.

Identity is now the most common entry point for attackers. In cloud-native environments, thousands of microservices, containers, and agents request credentials every day, and each one represents a potential weakness. The imbalance between human and non-human identities (NHIs) is growing, but many organizations still devote the bulk of their identity and access governance (IGA) efforts to the former.