Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

An employee receives what looks like a routine email. Maybe it’s a shared document link, a shipment update, or a tool they already use. Nothing feels off. They click. Within seconds, a malicious script runs in the background. No warning. No alert. And the firewall? It didn’t block it. This isn’t an edge case. It’s how many modern attacks actually begin. Not by breaking in, but by being let in. Traditional network defenses were built to block external threats at the perimeter.

Mobile Device Management, commonly known as MDM, is how organizations manage, secure, and monitor mobile devices that access corporate data and applications. It helps IT teams keep smartphones, tablets, and laptops safe while allowing employees to work productively.

The world of cybersecurity is experiencing a shift as adversaries continue to refine their techniques. In 2025, cybersecurity teams will confront a host of new challenges that demand proactive and adaptive responses. Tabletop exercises offer an excellent opportunity to simulate incidents in a controlled environment, allowing teams to evaluate and improve their incident response plans.

On March 31, 2026, two malicious versions of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account. The packages contained a hidden dependency that deployed a cross-platform remote access trojan (RAT) to any machine that ran npm install (or equivalent in other package managers like Bun) during a two-hour window. The malicious versions (1.14.1 and 0.30.4) were removed from npm by 03:29 UTC.

A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway? Sophos’ Managed Detection and Response (MDR) teams reported on a phishing campaign late last year that attempted to trick users into installing LogMeIn Resolve (formerly GoToResolve), a remote monitoring and management (RMM) tool, to acquire remote unattended access.

Where AI in the SOC is actually delivering — and where it isn’t“We’ll have a generation of security professionals who can supervise AI but can’t function without it." For all the noise surrounding “agentic AI” in cybersecurity, security operations centers are still wrestling with the same fundamental questions: What does AI genuinely improve today? Where does it fall short? How can organizations tell the difference?

Navigating the labyrinth of the U.S. federal procurement system, especially for Defense Industrial Base (DIB) companies, can be challenging, particularly when trying to meet stringent cybersecurity compliance standards like the Cybersecurity Maturity Model Certification (CMMC).

Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag. If that sounds abstract, here are two recent examples of such skimming attacks: To further our goal of building a better Internet, Cloudflare established a core tenet during our Birthday Week 2025: powerful security features should be accessible without requiring a sales engagement.

Artificial intelligence is moving rapidly from experimentation into everyday use across financial services. From client servicing and research to operations and risk analysis, AI is increasingly embedded in core workflows. This shift is widely recognised within the industry. Recent research indicates that 67% of financial services organisations report rapid AI adoption, with 93% ranking AI as a top security priority heading into 2026. At the same time, governance structures are being established.

You’ve enabled GuardDuty EKS Runtime Monitoring across your clusters. You’ve configured IRSA for your Bedrock-calling agents. CloudTrail is logging every bedrock:InvokeModel event. And last Tuesday, one of your AI agents exfiltrated 12,000 customer records through a sequence of API calls that every one of those tools recorded as completely normal—because at the control plane level, they were.