Security Bulletin

The company, one of four finalists in this year's Black Hat USA Startup Spotlight competition, uses multi-agent system to build AI Digital Employees.

In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the problem.

Our bulletin covering coordinated influence operation campaigns terminated on our platforms in Q3 2025.

South America's largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outside Brazil.

The African country aims to train 1 million workers in tech skills in the short term, with a focus on software engineering, cybersecurity, and data science.

The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sign of growing adversary interest in identity and access management systems.

The phishing kit, run by a group known as the "Smishing Triad," has powered massive amounts of unpaid tolls and package tracking texts.

Threats against Microsoft Exchange continue to mount, but there are steps both organizations and Microsoft can take.

A campaign against Microsoft 365 users leverages Quantum Route Redirection, which simplifies previously technical attack steps and has affected victims across 90 countries.

Security teams may have a less burdensome rollout in November after October's Goliath Patch Tuesday, but shouldn't wait on a few top-priority fixes.