report

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds 2026-03-23 at 17:17 By Eduard Kovacs The latest M-Trends report is based on insights from over 500,000 hours of Mandiant incident response investigations in 2025. The post M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds appeared first on SecurityWeek. This article […]

M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds Read More »

Your APIs are under siege, and attackers are just getting warmed up

Your APIs are under siege, and attackers are just getting warmed up 2026-03-19 at 07:21 By Anamarija Pogorelec Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report places these patterns within the same operating environment, with activity increasing across each area

Your APIs are under siege, and attackers are just getting warmed up Read More »

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

The Collapse of Predictive Security in the Age of Machine-Speed Attacks 2026-03-18 at 21:42 By Kevin Townsend With exploitation of vulnerabilities taking just days, preemptive security must be the new model for defenders. The post The Collapse of Predictive Security in the Age of Machine-Speed Attacks appeared first on SecurityWeek. This article is an excerpt

The Collapse of Predictive Security in the Age of Machine-Speed Attacks Read More »

Cybercriminals scale up, government sector hit hardest

Cybercriminals scale up, government sector hit hardest 2026-03-18 at 09:27 By Sinisa Markovic Government agencies faced the highest volume of cyberattack campaigns in 2025, according to new findings from HPE Threat Labs, which tracked 1,186 active campaigns over the course of the year. The data covers activity observed between January 1 and December 31, 2025,

Cybercriminals scale up, government sector hit hardest Read More »

AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks

AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks 2026-03-17 at 12:32 By Kevin Townsend Akamai warns that Layer 7 DDoS, API abuse and AI-powered attacks are merging into coordinated, multi-vector campaigns that are harder to detect and defend against. The post AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks

AI, APIs and DDoS Collide in New Era of Coordinated Cyberattacks Read More »

AI coding agents keep repeating decade-old security mistakes

AI coding agents keep repeating decade-old security mistakes 2026-03-13 at 08:01 By Anamarija Pogorelec Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities at a high rate across nearly every type of application they build. “AI coding agents can

AI coding agents keep repeating decade-old security mistakes Read More »

Agentic attack chains advance as infostealers flood criminal markets

Agentic attack chains advance as infostealers flood criminal markets 2026-03-12 at 08:35 By Mirko Zorz Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data collected from criminal forums, illicit marketplaces, and underground chat services shows a threat environment where

Agentic attack chains advance as infostealers flood criminal markets Read More »

Wireless vulnerabilities are doubling every few years

Wireless vulnerabilities are doubling every few years 2026-03-12 at 07:00 By Anamarija Pogorelec Wireless vulnerabilities are being disclosed at a rate that has no precedent in the fifteen-year history of systematic tracking. In 2025, researchers published 937 new wireless-related CVEs, an average of 2.5 per day, according to a threat report from Bastille Networks based

Wireless vulnerabilities are doubling every few years Read More »

Software vulnerabilities push credential abuse aside in cloud intrusions

Software vulnerabilities push credential abuse aside in cloud intrusions 2026-03-11 at 07:17 By Sinisa Markovic Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident

Software vulnerabilities push credential abuse aside in cloud intrusions Read More »

The people behind cyber extortion are often in their forties

The people behind cyber extortion are often in their forties 2026-03-10 at 08:00 By Anamarija Pogorelec Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the pattern that emerges does not match the common assumption that cyber offenders are mostly very

The people behind cyber extortion are often in their forties Read More »

Submarine cables move to the center of critical infrastructure security debate

Submarine cables move to the center of critical infrastructure security debate 2026-03-09 at 07:48 By Anamarija Pogorelec The cables running along the ocean floor carry the overwhelming majority of the world’s cross-border data traffic, and for most of their operational history they have attracted little strategic attention. That is changing. A new sector report from

Submarine cables move to the center of critical infrastructure security debate Read More »

Backup strategies are working, and ransomware gangs are responding with data theft

Backup strategies are working, and ransomware gangs are responding with data theft 2026-03-06 at 09:18 By Sinisa Markovic Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than 100,000 policyholders across the United States, Canada, the United Kingdom,

Backup strategies are working, and ransomware gangs are responding with data theft Read More »

What happens when AI teams compete against human hackers

What happens when AI teams compete against human hackers 2026-03-06 at 07:58 By Anamarija Pogorelec A cybersecurity competition produced what may be the largest controlled dataset comparing AI-augmented teams to human-only teams on professional-grade offensive security tasks. The event, called NeuroGrid, ran for 72 hours on the Hack The Box platform and drew 1,337 registered

What happens when AI teams compete against human hackers Read More »

That attractive online ad might be a malware trap

That attractive online ad might be a malware trap 2026-03-05 at 14:46 By Anamarija Pogorelec Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of People describes a digital ad ecosystem where scam campaigns, malicious redirects, and malware delivery appear alongside

That attractive online ad might be a malware trap Read More »

Cybersecurity is now the price of admission for industrial AI

Cybersecurity is now the price of admission for industrial AI 2026-03-04 at 07:17 By Mirko Zorz Industrial organizations are accelerating AI deployment across manufacturing, utilities, and transportation and running straight into a security problem. Cisco’s 2026 State of Industrial AI Report, based on responses from more than 1,000 decision-makers across 19 countries, finds that cybersecurity

Cybersecurity is now the price of admission for industrial AI Read More »

Cloudflare tracked 230 billion daily threats and here is what it found

Cloudflare tracked 230 billion daily threats and here is what it found 2026-03-03 at 19:46 By Anamarija Pogorelec Cloudflare’s network blocks over 230 billion threats per day. The volume indicates how routine and automated the attack cycle has become, and the patterns behind that volume point to a shift in how breaches begin and progress.

Cloudflare tracked 230 billion daily threats and here is what it found Read More »

5 years of shifting cybersecurity behavior

5 years of shifting cybersecurity behavior 2026-03-03 at 08:20 By Anamarija Pogorelec Online security is built through routine decisions made across devices and accounts. People choose how to create passwords, how often to reuse them, and how much effort to invest in protecting personal data. The National Cybersecurity Alliance and CybSafe’s Oh, Behave! The Cybersecurity

5 years of shifting cybersecurity behavior Read More »

Healthcare organizations are accepting cyber risk to cut costs

Healthcare organizations are accepting cyber risk to cut costs 2026-03-03 at 08:00 By Anamarija Pogorelec Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the

Healthcare organizations are accepting cyber risk to cut costs Read More »

AI risk moves into the security budget spotlight

AI risk moves into the security budget spotlight 2026-03-02 at 09:08 By Anamarija Pogorelec Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 respondents in 20 countries, places that shift alongside growing pressure on data

AI risk moves into the security budget spotlight Read More »

Your dependencies are 278 days out of date and your pipelines aren’t protected

Your dependencies are 278 days out of date and your pipelines aren’t protected 2026-03-02 at 09:00 By Mirko Zorz Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across

Your dependencies are 278 days out of date and your pipelines aren’t protected Read More »

Scroll to Top