Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I first met Tines co-founders Eoin Hinchy and Thomas Kinsella more than a decade ago at eBay. Even then, we shared the same frustration: too much important work was slowed down by brittle processes, manual handoffs, and disconnected tools. We all believed technology should help people focus on meaningful work, not slow them down in muckwork. That idea has shaped my career ever since. I started out in security operations, using automation to make my own job easier.

Let’s be honest: if your SOC is drowning in noise, you’re not “doing security.” You’re babysitting tools that cry wolf. And the wolves? They’re doing just fine. Every vendor claims their AI magically cuts false positives. Most don’t. Why?

In November of last year, Aaron Bray made some supply chain security predictions for 2025. Now, as we approach the close of the year, we are going to look at how those predictions turned out. But first let’s start with the high-level statistics and review some of the campaigns we have been tracking and reporting on this year. As this year is not yet over, we have excluded data from December for both 2024 and 2025.

Why outsourcing auth doesn't mean outsourcing risk.

Privilege is no longer a static control. It shifts dynamically with every action taken by an increasingly dynamic set of users, workloads, and AI agents, making traditional reliance on static credentials outdated and unfit for modern, fast-paced hybrid environments. As a result, organizations now need to evolve to a more agile and adaptive approach to securing privilege, one that can effectively handle the sheer volume and complexity of identities operating across cloud, on-prem, and hybrid ecosystems.

Why we’re bringing Zero Standing Privileges to M365, and why it matters. In the past decade, we collectively agreed that standing access to infrastructure is a security failure. No credible security team allows permanent root access on production servers or standing SSH keys for cloud instances. We built vaults, we implemented session recording, and we moved to Just-in-Time (JIT) access for infrastructure.

JSCEAL is an information stealer that’s been targeting users of cryptocurrency applications. As reported by Check Point Research (CPR) in July 2025, JSCEAL has developed into a more advanced form. In a new campaign observed by Cato CTRL in August 2025, JSCEAL has adopted a revamped command-and-control (C2) infrastructure, enhanced anti-analysis safeguards, and an updated script engine designed for increased stealth. The campaign remains active.

This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances are, you’re already bored with reading them. So, we’ve decided to do things a little bit differently this year. Instead of bombarding you with just our own predictions, we’ve decided to cast the net far and wide. We’ve spoken to cybersecurity experts from around the world to answer what’s, for us, the most pressing question of all.

In 2025, we engineered a truly new era of modern DAST. We unlocked next-gen assessments with “infinite” payloads, eliminated the trade-off between broad attack surface visibility and deep application testing, and found the ultimate balance between human ingenuity and machine intelligence with our AI Researcher, Alfred. The result? A modern DAST product that delivers unmatched innovation and accuracy in the AppSec space.

An API token is like a small digital key that tells a system that a user or an app is allowed to act in the system. When this key gets stolen, attackers act as real users and misuse the account. It’s called API token hijacking, and this issue has grown in the last few years. Most companies are not able to detect this problem in time. It’s important for IT/security teams to understand token theft to respond quickly and build stronger protection for future attacks.