Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, Cato Networks published the 2025 Cato CTRL Threat Report. It is the inaugural annual threat report from Cato CTRL, the Cato Networks threat intelligence team. The key theme for this year’s report is artificial intelligence (AI), which reflects the current cybersecurity landscape where AI usage is skyrocketing among vendors—and threat actors. Within the report, we examine the security risks associated with LLMs and the increased adoption of AI applications within organizations in 2024.

Github Copilot became the subject of critical security concerns, mainly because of jailbreak vulnerabilities that allow attackers to modify the tool’s behavior. Two attack vectors – Affirmation Jailbreak and Proxy Hijack – lead to malicious code generation and unauthorized access to premium AI models. But that’s not all. Contents hide 1 Jailbreaking GitHub Copilot 1.1 Affirmation jailbreak? “Sure,” let’s exploit the AI system(s) 2 Proxy Hijack.

My two previous recent postings on AI covered “Agentic AI” and how that impacts cybersecurity and the eventual emergence of malicious agentic AI malware. Both of those articles started to touch on the idea of automated agentic AI defenses. This posting goes into a little more detail on what agentic AI defenses might mean. It starts with agentic AI, which is a collection of automated programs (i.e., bots or agents) working toward a common goal.

The rise of connected devices has fundamentally reshaped industries, enabling unprecedented levels of automation, efficiency, and innovation. These devices fall under the Extended Internet of Things (XIoT), a broad category encompassing traditional Internet of Things (IoT) devices, operational technology (OT), industrial control systems (ICS), the Internet of Medical Things (IoMT), and other connected assets that span enterprise IT and operational environments.

Today, one of the greatest challenges that cyber defenders face is analyzing detection hits from indicator feeds, which provide metadata about specific indicators of compromise (IOCs), like IP addresses, ASNs, domains, URLs, and hashes. While indicator feeds have proliferated across the threat intelligence industry, most feeds contain no contextual information about why an indicator was placed on the feed.

Security and attacks continues to be a very active environment, and the visibility that Cloudflare Radar provides on this dynamic landscape has evolved and expanded over time. To that end, during 2023’s Security Week, we launched our URL Scanner, which enables users to safely scan any URL to determine if it is safe to view or interact with.

In 2024, we announced Log Explorer, giving customers the ability to store and query their HTTP and security event logs natively within the Cloudflare network. Today, we are excited to announce that Log Explorer now supports logs from our Zero Trust product suite. In addition, customers can create custom dashboards to monitor suspicious or unusual activity.

With the rapid and dynamic nature of the digital world of today, businesses are seeing a mounting high rate of cybersecurity attacks. Cyber attackers keep evolving and coming up with new methods of breaching their systems, which leaves security teams under immense pressure to identify, assess, and remediate vulnerabilities at scale. Traditional methods of vulnerability management are typically behind the curve because the sheer volume of threats is overwhelming.