Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cato CTRL Threat Research: Uncovering Nytheon AI - A New Platform of Uncensored LLMs

With the introduction of WormGPT in 2023, threat actors have been using uncensored large language models (LLMs) for malicious activities. Following the shutdown of WormGPT in the same year, numerous alternatives have emerged—including BlackHatGPT, FraudGPT, and GhostGPT, among others—primarily accessible through Telegram channels.

Meet Cato's MCP Server: A Smarter Way to Integrate AI Into Your IT & Security Processes

Sometimes preparing dinner can be a complicated task. You’re juggling a stir-fry, boiling pasta, prepping a salad, and all you want is to say “Chop the onions” and have it done. No switching between tasks, no looking up steps. Just state the intent, and it’s executed. We wanted that same level of simplicity when interacting with our environment, including sites, users, topology, and real-time data. That led us to build Cato’s Model Context Protocol (MCP) Server.

The Journey to SASE: a CxO Perspective | SASEfy 2025

True transformation happens when networking and security move at the speed of business. That’s what SASE makes possible. In his session at, Cato’s Chief Strategy Officer Yishay Yovel, shares how SASE aligns infrastructure and business transformation — creating a platform that’s simple, agile, and future-ready.

Connecting China Without the Complexity - The Cato Approach

What if connecting China didn’t mean rebuilding your architecture, navigating telco red tape, or managing endless compliance workarounds? For global enterprises, China isn’t optional—it’s essential. From sourcing and manufacturing to logistics and go-to-market, your business depends on fast, secure, and compliant access through and across China. But most legacy architectures treat China like an exception—introducing latency, risk, and inconsistency right where you can least afford it.

One Platform, Total OT Protection: Cato's Response to CISA's Mitigation Guidelines

It started with a sudden alteration in chemical levels in the water treatment system. When a threat actor adjusted the level of sodium hydroxide to more than 100 times its normal amount, millions were at risk of being poisoned. Luckily, it was stopped in time. This is not fiction. It is one of several real incidents already published in 2021. Since then, more incidents have been identified, targeting critical water facilities and other OT infrastructure.

Achieving PCI DSS v4.0.1 Certification: A Comprehensive Overview of Cato Networks' PCI Journey

As previously noted, we achieved PCI DSS v4.0.1 compliance certification, becoming the first SASE platform provider to do so. This milestone reflects our commitment to the highest security standards, ensuring enhanced protection for sensitive data. Throughout the assessment, we collaborated with an external Qualified Security Assessor (QSA) from USD AG to ensure all requirements were thoroughly evaluated.

Cato Networks Demonstrates AI-Based Policy Analysis and Enforcement at AWS Summit Tel Aviv 2025

Policy misconfigurations remain one of the most common and costly risks in network security. Studies in recent years have shown that the vast majority of firewall breaches stem from policy configuration errors, and human mistakes or skill gaps continue to be a leading cause of major security incidents. Traditionally, organizations either wait for a breach or an audit to detect issues, both of which are reactive approaches.

Cato CTRL Threat Research: Suspected Russian Threat Actors Leverage Tigris, Oracle Cloud Infrastructure, and Scaleway to Target Privileged Users with Lumma Stealer

Imagine walking into a trusted bank, only to be handed counterfeit money by employees who don’t realize it’s fake. This is similar to a growing trend that’s emerging in the threat landscape. Threat actors are leveraging trusted cloud infrastructure platforms to host fake reCAPTCHA pages designed to deceive unsuspecting victims into executing malicious commands through the Windows Run dialog—specifically targeting high-access users within organizations to escalate privileges.

Fireside Chat with Cato's CEO: State of the SASE Market | SASEfy 2025

When a ransomware attack wiped out Häfele’s entire global network overnight, the stakes couldn’t have been higher. In just 4 weeks, Cato Networks rebuilt 180+ locations delivering resilience when it mattered most. As our CEO Shlomo Kramer shared at, “No other technology can deliver that.” Let’s connect.