Articles about cybersecurity

As we approach Black Friday and the annual frenzy of online shopping a new report uncovers widespread vulnerabilities in major retail platforms as agentic commerce takes hold.

The research from fraud prevention specialist Data Dome shows that threat actors are exploiting the same automation paths used by consumers to automate browsing, comparison and checkout in order to scale account fraud with an army of fake shoppers.

Continue reading →

New research from Immersive Labs reveals a widening gap between confidence and capability in cybersecurity.

While nearly every organization (94 percent) believes it can handle a major incident, the data tells a different story. According to Immersive’s analysis, average decision accuracy is just 22 percent, and the average containment time is 29 hours.

Continue reading →

New research from the Zimperium zLabs team reveals a sharp rise in mobile threats tied to the holiday shopping season.

The report shows that mishing (mobile phishing) remains the most widespread and effective mobile attack vector. Smishing messages and fake delivery alerts impersonating trusted retail and logistics brands surged up to fourfold during the 2024 holiday shopping period, with attackers using urgency-driven messages like ‘Your package is delayed, click here’ to trick users into revealing credentials or downloading malicious apps.

Continue reading →

The AI wave is translating into an increased number of AI agents in the workplace, which equates to a surge of both non-human identities (NHIs) and agentic identities. This is resulting in an urgent focus for CIOs and CISOs on identity threats and recovery.

New research from Rubrik Zero Labs, based on a survey by Wakefield Research of over 1,600 IT security decision makers, finds 89 percent of respondents have fully or partially incorporated AI agents into their identity infrastructure, and an additional 10 percent have plans to.

Continue reading →

A new report reveals that 92 percent of organizations that experienced a security incident in the past year believe stronger cyber hygiene could have prevented it, underscoring how persistent execution gaps continue to leave organizations exposed to preventable risk.

The study by Sapio Research for Swimlane shows that despite unprecedented spending on cybersecurity tools and services, foundational security practices remain inconsistent and often overlooked.

Continue reading →

A new survey from Bitdefender, of more than 7,000 consumers worldwide, finds that 14 percent of respondents (one in seven) report falling victim to scams in the past year, with an additional four percent unsure.

Based on an average scam loss of $545, that equates to over $534,000 lost among survey participants alone. The US led in scam victims at 17 percent, followed by the UK (16 percent) and Australia (16 percent), while France had the lowest at 11 percent.

Continue reading →

In October, one in every 44 GenAI prompts submitted from enterprise networks posed a high risk of data leakage, impacting 87 percent of organizations that use GenAI regularly.

A study from Check Point Research finds an additional 19 percent of prompts contained potentially sensitive information such as internal communications, customer data, or proprietary code. These risks coincide with an eight percent increase in average daily GenAI usage among corporate users.

Continue reading →

Banks, fintechs, and crypto platforms are ramping up investment in fraud prevention and identity verification (IDV), positioning it as the next layer of cyber defense, according to a new survey.

The study from Regula shows banks are leading this trend: the share of institutions intending to increase IDV budgets by more than 50 percent is nearly tripling -- from 4.4 percent to 15 percent in just two years.

Continue reading →

A typical container image carries over 600 known vulnerabilities, nearly half of them years old and for Java workloads, the risk is particularly acute.

To address this BellSoft is announcing Hardened Images, a tool for enhancing the security and compliance of containerized applications in Kubernetes.

Continue reading →

A new study from Cohesity finds 70 percent of publicly traded companies have reported adjusting earnings or financial guidance after a cyberattack.

Among the impacts 68 percent say they observed an impact on their stock price, while 73 percent of privately held firms redirected budgets from innovation and growth initiatives.

Continue reading →

Ahead of Black Friday a new study shows that, while 95 percent of Americans are concerned their data could end up in a breach, 78 percent are still willing to share personal information for discounts, perks, or free shipping.

The report from Incogni, based on a study of over 1,000 US adults, finds that volunteering personal information for discounts or access to content and rewards has become so routine that few likely consider the implications before doing so.

Continue reading →

As much of the workforce takes time out from the office for the holidays, employees, contractors and third-party vendors continue to log in remotely from holiday homes, airports or hotels, far from the traditional corporate environment.

This surge in remote work access inevitably heightens security risks. For IT and security teams already managing a sprawling attack surface, reduced visibility and control create a challenge that legacy tools like Virtual Private Networks (VPNs) were never designed to address.

Continue reading →

A new study from RSAC finds most CISOs’ budgets increased between 2024 and 2025 and their top areas of investment for 2025-2026 are identity and data protection.

While 76 percent of CISOs report that their budgets for 2024-25 had increased, just 12 percent saw their budgets decrease.

Continue reading →

As we approach the busiest time of the year for online shopping, scammers and phisherfolk are also preparing for a seasonal bonanza. 1Password has surveyed 2,000 American adults to learn how people are protecting themselves -- or not -- from phishing scams.

It finds that 66 percent of respondents say they’ve noticed more 'scammy' messages, phone calls, and ads since AI became more prevalent. In addition 82 percent of respondents have been phished, or have come dangerously close to it.

Continue reading →

While AI adoption is now nearly universal, governance and visibility have failed to keep pace, according to a new report from Cycode.

The study shows that 97 percent of organizations are already using or piloting AI coding assistants, and all confirm having AI-generated code in their codebases. Yet, despite this near-total adoption, 81 percent lack visibility into AI usage and 65 percent report increased security risks associated with AI.

Continue reading →