The rise of the machine identity and what it means for cybersecurity [Q&A]


A report earlier this year highlighted the fact that machine identities now vastly outnumber humans.
This leads to a wider attack surface leaving many organizations vulnerable to cyberattack and loss of data. We spoke to Refael Angel, the co-founder and CTO of unified secrets and machine identity platform Akeyless Security, to find out more about the problem and how enterprises can protect themselves.
Millions of unsecured Wi-Fi networks are putting data at risk


New threat intelligence from Zimperium reveals over five million unsecured public Wi-Fi networks have been detected globally since the beginning of 2025, with a staggering 33 percent of users still connecting to these open networks, putting enterprise data at risk in the process.
“Mobile devices are now a primary gateway to corporate data, but during travel, they’re also the most vulnerable,” says Kern Smith, VP of global solutions at Zimperium. “Unsecured Wi-Fi, phishing disguised as travel alerts, and risky sideloaded apps are creating an ideal attack surface for cybercriminals -- especially in peak travel months.”
Cloaking-as-a-service set to reshape the phishing landscape


Imagine if hackers could give their scam websites a cloak of invisibility, showing one web page to regular people and a harmless page to security scans. Sneaky, huh?
According to new research from SlashNext that’s essentially what’s happening as cybercriminals start to leverage AI-powered cloaking services to shield phishing pages, fake stores, and malware sites from prying eyes.
The future of encryption in a post-quantum world


As quantum computing speeds edge closer to practical use, the ‘harvest now, decrypt later’ approach is already in motion with adversaries collecting encrypted data today, anticipating they'll be able to crack it tomorrow. But is enough being done to prevent it?
New research from Forescout highlights the urgent need for organizations to prepare for a future where quantum-capable adversaries can break widely used cryptographic protocols.
Application layer comes under threat


A new report from Contrast Security exposes a growing crisis at the application layer as adversaries use AI to easily launch previously sophisticated attacks at scale.
Recent reports from Verizon (DBIR 2025) and Google Mandiant (M-Trends 2025) confirm what many security leaders already suspect: components of the application layer are among the most targeted and least protected part of the modern enterprise.
Outdated printer firmware can leave organizations open to attack


In the past the printer has tended to be a pretty dumb device, but as they’ve gained more features and extra connectivity printers have become a target for attacks and potentially a way of gaining access to networks.
A new report from HP Wolf Security, based on global study of 800+ IT and security decision-makers (ITSDMs), highlighs the challenges of securing printer hardware and firmware.
Ransomware surges 63 percent in Q2


The second quarter of this year has seen a 63 percent increase in publicly disclosed ransomware attack volumes, with a total of 276 incidents compared to Q2 2024, according to the latest report from BlackFog.
This represents the highest number of attacks for this timeframe since the company began tracking ransomware volumes in 2020. All three months in the quarter set a new high compared with the same time period in previous years. June saw 113 percent increase with a total of 96 attacks. There was a 51 percent increase in April with a total of 89 attacks, and a 40 percent increase in May with 91 attacks.
What has AI done for us? Celebrating AI Appreciation Day


In the last few years artificial intelligence has found its way into more and more areas of our world and its progress shows no signs of slowing down.
Of course most things these days need a day to mark their achievements and today is AI Appreciation Day. So, what has AI done for us and what can we expect from it in future? Some industry experts gave us their views.
Is business logic abuse a growing problem for APIs? [Q&A]


Tricking applications into altering their processes or surrendering information is a highly efficient way for attackers to carry out theft or fraud while minimizing the risk of detection.
We asked Mohammad Ismail, VP of EMEA at Cequence Security, to explain how this business logic abuse is carried out and why it’s becoming a growing problem.
Internet-exposed assets reveal industry vulnerability profiles


New analysis from CyCognito of over two million internet-exposed assets, across on-prem, cloud, APIs, and web apps, identifies exploitable assets across several key industries, using techniques that simulate real-world attacker behavior.
Techniques used include black-box pentesting using 90,000+ exploit modules, credential stuffing simulations, data exposure detection, etc. The study also used Dynamic Application Security Testing (DAST) to identify runtime web application vulnerabilities, as well as active vulnerability scanning of internet-facing services to detect CVEs, misconfigurations, and exposed assets.
Analysis of breached passwords shows almost all are weak


New research from Specops has analyzed 10 million random passwords from the billion+ breached password list used by Specops Password Auditor and finds that a startling 98.5 percent are weak.
The research defines a ‘strong’ password as having at least 15 characters in length and at least two different character classes. A long password of 15 identical-class characters (for example all lowercase) is easier to crack than one that mixes in digits or symbols.
Google launches new AI security initiatives


Ahead of the summer’s round of cybersecurity conferences Google is announcing a range of new initiatives aimed at bolstering cyber defenses with the use of AI.
Last year the company launched Big Sleep, an AI agent developed by Google DeepMind and Google Project Zero, that actively searches and finds unknown security vulnerabilities in software.
Encryption adoption up but sensitive data is still at risk


Encryption adoption has soared to 94 percent, but inconsistent application continues to put sensitive data at risk, finds a new survey.
The study from secure storage maker Apricorn shows that 59 percent of IT security decision makers say encryption has increased, allowing them to better protect their data, including on lost/stolen devices.
Security teams struggle to prioritize and patch vulnerabilities


According to a new report 39 percent of security professionals say they struggle to prioritize risk remediation and patch deployment, with 35 percent saying they struggle to maintain compliance when it comes to patching vulnerabilities.
The study from Ivanti also finds 87 percent of security pros feel they do do not have access to the critical data needed to make informed security decisions. In addition 46 percent believe IT teams lack urgency when addressing cybersecurity problems.
Supply chain issues pose major risks to financial organizations


While banks and financial institutions generally have strong defenses, third-party vendors often lack the same levels of security, something that can offer providing attackers indirect access to the institutions they serve.
A new report from Black Kite examines the shifting landscape of cyber threats in the financial sector, highlighting the critical importance of understanding and mitigating the hidden dangers within the vendor ecosystem.
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.