Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

1Password surveyed 2,000 American adults to learn how people are protecting themselves from phishing scams this holiday season (“phishing” refers to all those scammy emails, shady texts, and fake ads, where hackers try to trick people into clicking a link that lets them steal money or information). What we learned is that holiday scams are getting bolder and harder to spot, thanks to the help of AI. Here are some of the other most eye-opening findings.

DragonForce expands its reach, Qilin rises as a global ransomware threat, and Water Saci spreads through WhatsApp.

By the time of Sibos 2025, banks and policymakers seemed to agree: digital money will be part of the operating models of traditional finance. The question now is how to make it happen. The urgency comes from a structural shift already under way. For the first time in regulated finance, value can meaningfully cross borders without banks. Virtual asset service providers are already moving stablecoins from Singapore to São Paulo without correspondent banks.

The digital assets are among the most valuable resources for businesses, governments, and private individuals alike. Cyber threats are evolving constantly, and securing data, networks, and digital operations requires not only advanced technology but also a deep understanding of cybersecurity controls.

Snyk is thrilled to announce our partnership with Factory, which brings Snyk Studio directly into Droid workflows. AI agents, such as Factory’s Droids, can generate thousands of lines of code at incredible speed and are transforming modern software development. Yet every time a Factory Droid quickly ships a feature in minutes vs. days, refactors an entire module, and updates dependencies across a repo, it’s potentially introducing vulnerabilities at the same pace.

New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.

The platforms your customers trust to connect with your brand are now being weaponized to destroy its reputation. AI is equipping cybercriminals with industrial-scale operations that can replicate your brand presence across all major social platforms in just minutes. This guide provides a CISO's framework for moving from reactive brand monitoring to proactive threat disruption, detailing a four-pillar plan to neutralize these threats before they impact your business.

In the original Star Trek television show, Captain Kirk would slightly recline in a command chair with various buttons that allowed him to deploy different technologies. Regardless of the alien threat, he had the necessary tools at his disposal to protect the Enterprise and his staff. An organization’s security operations center (SOC) acts as the Captain Kirk “command chair” for all security activities.

Local founders say the country’s payments reboot and AI breakthroughs could put B.C. at the centre of financial innovation. One day before the Bank of Canada announced it had approved the country’s first payment service providers under the new Retail Payment Activities Act, leaders from Vancouver’s growing sector gathered for a conversation that felt prescient. At.

In today’s fast-moving digital world, the adversary has evolved — threats aren’t just more frequent, they’re smarter. Artificial Intelligence (AI) is no longer only a force for good. Threat actors now leverage AI-driven methods to automate attacks, craft human-like deception, and exploit blind spots in organizations relying on outdated defenses.