Monday 11/10
The Bad Guys’ New Weapon: Ransomware 3.0 (Pure Storage)
Ransomware 3.0 is a new type of cyberattack where cybercriminals use AI to plan and stage ransom actions. In this next stage of ransomware, bad actors also leverage multiple forms of extortion, called triple extortion, to up the ante against victims.
https://blog.purestorage.com/perspectives/cyber-resilience-bad-guys-new-weapon-ransomware-3-0/
Automating compliance: Why identity security needs a data-driven tune-up (CyberArk)
By integrating business context into identity workflows, organizations can transform compliance from a periodic scramble into an ongoing, seamless process.
https://www.cyberark.com/resources/blog/automating-compliance-why-identity-security-needs-a-data-driven-tune-up
Tuesday 11/11
Global Cyber Attacks Surge in October 2025 Amid Explosive Ransomware Growth and Rising GenAI Threats (Check Point)
In October 2025, the global volume of cyber attacks continued its upward trajectory. Organizations worldwide experienced an average of 1,938 cyber attacks per week, marking a 2% increase from September and a 5% rise compared to October 2024.
https://blog.checkpoint.com/research/global-cyber-attacks-surge-in-october-2025-amid-explosive-ransomware-growth-and-rising-genai-threats/
Prisma SASE as Your New Blueprint for Modern Branch Security (Palo Alto Networks)
True enterprise security requires context, seeing how the branch, remote users and your cloud environments all interact. This is where the power of a unified platform becomes transformative.
https://www.paloaltonetworks.com/blog/2025/11/prisma-sase-blueprint-modern-branch-security/
Wednesday 11/12
What’s Behind The Rise of Spear Phishing Attacks on IT Leaders? (Arctic Wolf)
IT leaders have become especially attractive targets: their privileged access amplifies the impact of a successful compromise. Today, IT leaders are in the crosshairs of sophisticated, AI-assisted spear phishing campaigns that exploit both human trust and digital access, making them some of the most lucrative attacks in the cyber landscape.
https://arcticwolf.com/resources/blog/whats-behind-the-rise-of-spear-phishing-attacks-on-it-leaders/
Securing AI agents in business applications (Delinea)
We are experiencing an explosion of AI agents: from software manufacturers embedding AI agents, to third parties selling their own agents to add to business applications, to the ability to design your own agents using tools like Microsoft Copilot Studio. Trusted vendors take security seriously, but when those agents talk to others that are less scrutinized, it breaks down the agentic AI security supply chain.
https://delinea.com/blog/how-to-secure-ai-agents-in-business-applications
Thursday 11/13
Security brief: VenomRAT is defanged (Proofpoint)
The disruption to VenomRAT will cause threat actors using the malware to pivot to new payloads. Proofpoint has not observed VenomRAT in campaign data since September 2025, and TA558 has already begun favoring other malware including Remcos RAT and XWorm, with lower volumes of activity since October.
https://www.proofpoint.com/us/blog/threat-insight/security-brief-venomrat-defanged
Secure by Design: The Future of Threat Modeling for AI-Native Applications (Snyk)
Traditional approaches to security, such as scanning code, running pen tests, or manually reviewing architectures, can’t keep pace. The rise of AI-native applications has created a new class of threats that evolve faster than the manual processes designed to prevent them.
https://snyk.io/blog/future-threat-modeling-ai-native-apps/
Friday 11/14
Detecting Stealthy Account Takeover Campaigns with Federated Intelligence (Abnormal AI)
Credential abuse remains central to stealthy account takeover campaigns, appearing in nearly half of breaches in 2024. What’s changed is not the tactic but how quietly it’s being executed.
https://abnormal.ai/blog/detecting-stealth-account-takeovers
Certificate lifetimes are shrinking—your business continuity doesn’t have to: Automating SSL/TLS at scale with NetScaler (Citrix)
As certificate lifetimes shrink, those manual workflows won’t scale in the world of microservices, APIs, and hybrid deployments. It only takes one missed renewal to cause a public outage, fail an audit, or damage customer trust.
https://www.citrix.com/blogs/2025/11/12/automating-ssl-tls-at-scale-with-netscaler/
Monday 11/17
From Vulnerability Management to Exposure Management: The Platform Era Has Arrived (CrowdStrike)
As adversaries evolve, exposure management must prioritize complete visibility, adversary-aware risk prioritization, and agentic triage and remediation.
https://www.crowdstrike.com/en-us/blog/from-vulnerability-management-to-exposure-management-platform-era-has-arrived/
Recover, rebuild then harden: An identity security playbook for ransomware (Delinea)
Identity controls determine whether recovery from a ransomware attack is clean or compromised. You recover without reopening attack routes by rotating high-risk secrets, enforcing least-privilege rebuilds, validating privileged paths, and monitoring for drift.
https://delinea.com/blog/identity-security-playbook-for-ransomware
Tuesday 11/18
The Unmeasurable is Unmanageable: Why Cyber Resilience Takes Center Stage for Businesses (Arctic Wolf)
For years, the cybersecurity industry was built on the promise of prevention. The idea was to build a fortress so strong that no attacker could ever get in. But as the WEF rightly points out, that’s no longer a realistic goal. The modern threat landscape is too vast, the attack vectors too numerous, and the adversaries too sophisticated.
https://arcticwolf.com/resources/blog/why-cyber-resilience-takes-center-stage-for-businesses/
Wednesday 11/19
The Enterprise Browser's Approach to Multi-Tenancy Architecture (Island)
In B2B SaaS applications, it is crucial to keep data not only secure, but also well separated between organizations (referred to as “tenants” in this context). A breach in tenant isolation could expose proprietary data, financial records, or customer information to competitors or unrelated organizations.
https://www.island.io/blog/the-enterprise-browsers-approach-to-multi-tenancy-architecture
The State of Ransomware in Q3 2025 (Check Point)
The ransomware landscape in Q3 2025 has reached a critical inflection point. Despite multiple law enforcement takedowns earlier in the year, ransomware attacks remain at historically high levels. Check Point Research tracked 1,592 new victims across 85 active extortion groups, marking a 25% increase year-over-year.
https://blog.checkpoint.com/research/the-state-of-ransomware-in-q3-2025/
One identity. Every app. Now inside Citrix sessions. (Citrix)
All your Microsoft Entra ID policies follow the user into the Citrix environment. Conditional Access, MFA, compliance and governance remain intact. IT maintains control while users move freely, securely, and efficiently. IT doesn’t need to replicate policies or manage additional identity layers. Users authenticate once, and the security posture stays with them.
https://www.citrix.com/blogs/2025/11/18/one-identity-every-app-now-inside-citrix-sessions/
Thursday 11/20
A Policy Roadmap for Secure AI by Design (Palo Alto Networks)
The rapid deployment of AI, however, has largely outpaced the adoption of security measures designed to protect it. According to an October 2025 survey from the Conference Board, nearly three-quarters of S&P 500 companies now flag AI as a material risk in their public disclosures, which is a jump from just 12% in 2023.
https://www.paloaltonetworks.com/blog/2025/11/policy-roadmap-secure-ai-by-design/
Friday 11/21
Fake Microsoft Teams Meeting Invite Used to Deploy Malicious OAuth App (Abnormal AI)
Meeting invites are among the most trusted messages in a corporate inbox. They’re part of the background noise of modern work—routine, ordinary, and rarely questioned. But that familiarity has turned them into an ideal delivery vehicle for a new class of phishing attacks.
https://abnormal.ai/blog/fake-microsoft-teams-invite-oauth-app-phishing
The next chapter of identity security begins with privilege (CyberArk)
Yesterday’s tools can no longer protect today’s environments. The new frontier requires a shift, not only in technology, but in thinking about the problem and rebuilding our approach to identity security.
https://www.cyberark.com/resources/blog/the-next-chapter-of-identity-security-begins-with-privilege
Monday 11/24
Why Threat Modeling Is Now Even More Critical for AI-Native Applications (Snyk)
AI-native applications demand security that is as dynamic as the systems they protect: automated, continuous, and actionable. AI-native threat modeling is a foundational requirement for maintaining integrity, achieving compliance, and ensuring the responsible and scalable deployment of AI systems.
https://snyk.io/blog/threat-modeling-critical-ai-native-applications/
To Stop AI-Powered Adversaries, Defenders Must Fight Fire with Fire (CrowdStrike)
Enterprises building and deploying their own AI systems must also recognize that these systems can be manipulated and weaponized through prompt injection. Traditional security controls like firewalls, antivirus, and access controls don't protect against an adversary who can successfully persuade an AI system to return information or perform an action against its intended design and constraints.
https://www.crowdstrike.com/en-us/blog/stop-ai-powered-adversaries-fight-fire-with-fire/
Tuesday 11/25
Stop of the month: how threat actors weaponize AI assistants with indirect prompt injection (Proofpoint)
A new and dangerous attack vector has emerged that targets the AI models themselves: prompt injection. It’s already ranked as the No. 1 vulnerability on the OWASP Top 10 for Large Language Model (LLM) Applications, and for good reason.
https://www.proofpoint.com/us/blog/email-and-cloud-threats/stop-month-how-threat-actors-weaponize-ai-assistants-indirect-prompt
Nerdio Manager for Enterprise v7.5: leveling up from legacy IT (Nerdio)
For years, enterprises have relied on outdated virtual desktop infrastructure that simply can’t keep pace with the speed, scale, and complexity of today’s hybrid work. Managing those environments often meant juggling disconnected tools, manually troubleshooting issues, and struggling to quantify IT’s true impact.
https://getnerdio.com/blog/nerdio-manager-for-enterprise-v7-5-leveling-up-from-legacy-it/
Wednesday 11/26
Business-Aware Recovery for M365: From Blind Restoration to Minimum Viable Business in Minutes (Rubrik)
Current recovery solutions, although technically sound, have one significant flaw: they lack operational insight. All data is equal, so no priority is given to the information that matters most to the business at the time of the crisis. So you may spend valuable resources recovering mailboxes, files, and sites based solely on time (either point-in-time or the latest snapshot) or infrastructure, rather than on the critical importance of the data for the business.
https://www.rubrik.com/blog/technology/25/11/business-aware-recovery-for-m365-from-blind-restoration-to-minimum-viable-business-in-minutes
Are identity management solutions ready for a digital AI-based workforce? (Delinea)
Identity Management solutions have traditionally focused on humans as the primary subject needing an identity and authorization to access a resource. Several solutions have been updated to manage machine identities used to access resources and data. However, organizations adopting Agentic AI will need to address the unique challenges posed by these new agents.
https://delinea.com/blog/identity-security-solutions-and-ai-agents
Friday 11/28
How To Combat AI-Enhanced Social Engineering Attacks (Arctic Wolf)
Threat actors are leveraging the power of artificial intelligence to enhance everything from business email compromise (BEC) to ransomware attacks. And organizations are taking note. For the first time, Arctic Wolf’s 2025 The State of Cybersecurity Trends Report found that ransomware had finally been dethroned as the principal concern of security leaders. The new champion? Artificial intelligence.
https://arcticwolf.com/resources/blog/how-to-combat-ai-enhanced-social-engineering-attacks/
Rethinking Zero Trust in the Age of AI: Why Following the Data Is the New Trust Boundary (Cyera)
Zero Trust was built on least privilege access, identity verification, and network segmentation. These models worked when employees were predictable and systems were static. AI changes the equation.
https://www.cyera.com/blog/rethinking-zero-trust-in-the-age-of-ai-why-following-the-data-is-the-new-trust-boundary
Tuesday 12/2
CrowdStrike Unveils Real-Time Cloud Detection and Response Innovations (CrowdStrike)
CrowdStrike is introducing new CDR capabilities to help SOC teams respond to these challenges and outpace modern adversaries. The result is a battle-tested, real-time approach to cloud defense centered around three key innovations.
https://www.crowdstrike.com/en-us/blog/crowdstrike-unveils-real-time-cloud-detection-and-response/
Cyber resilience: The name of the game for 2026 (Delinea)
With AI now making cybercrime easier by helping even inexperienced attackers launch convincing phishing campaigns, deepfakes, and ransomware at scale, every organization is feeling the pressure. High availability and redundancy are foundational and expected.
https://delinea.com/blog/cyber-resilience-in-2026
Wednesday 12/3
TLS certificate management in 2026: The endless game of Whack-A-Cert (CyberArk)
TLS certificates—the machine identities used to prove machines are who they say they are—will begin expiring twice as fast in March 2026. Lifespans will drop from 398 days to 200 days. It sounds like a minor technical adjustment, but it will impact every business, government, and institution that conducts business online.
https://www.cyberark.com/resources/blog/tls-certificate-management-in-2026-the-endless-game-of-whack-a-cert
Beyond the gateway: how threat actors intentionally engineer attacks to evade email security (Proofpoint)
Threat actors aren’t stopping at manipulating URLs. They're also finding ways to bypass email security infrastructure entirely by exploiting trusted relationships in collaboration platforms.
https://www.proofpoint.com/us/blog/email-and-cloud-threats/threat-actors-engineer-attacks-to-evade-email-security
Thursday 12/4
Protecting Your Data With Backups: The Complete Guide (Arctic Wolf)
In the modern threat landscape, properly stored and protected backups have become more essential than ever. However, threat actors know this as well, which explains why, as backup and restoration capabilities continue to improve, double and triple extortion has become the new normal.
https://arcticwolf.com/resources/blog/how-to-protect-your-data-with-backups/
Friday 12/5
The Shadow AI reality: Inside Cato’s survey results (Cato Networks)
Many IT teams have low or no visibility into AI usage. They can’t see which tools employees are using, how often, what they’re sharing, or what those tools are doing with their data. 69% of organizations still don’t have formal monitoring in place.
https://www.catonetworks.com/blog/shadow-ai-reality-inside-catos-survey-results/
The Illusion of Truth: Why Modern Cyber Resilience Starts With Knowing What You Actually Have (Axonius)
In 2025, the biggest risk most organizations face isn’t a zero-day, or ransomware group, or state-sponsored attacker. It’s the illusion that they understand their own environment.
https://www.axonius.com/blog/the-illusion-of-truth-why-modern-cyber-resilience-starts-with-knowing-what-you-actually-have