Blog

Security
Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware
Is your business still relying on traditional backups to safeguard against ransomware? Our latest blog, “Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware,” highlights why backups alone aren’t enough in today’s threat landscape. Modern ransomware doesn’t just target your data—it targets your ability to recover. From immutable backups and automated recovery testing to orchestrated recovery playbooks, building true cyber resilience requires a shift in strategy.

Security
XORIndex Malware Spread Widens as North Korean Hackers Exploit npm Registry
XORIndex Malware: North Korean Hackers Target npm Registry in Ongoing Supply Chain Attack
The open-source community faces a growing challenge: supply chain attacks are no longer rare events but persistent threats. Our latest blog unpacks how North Korean threat actors are exploiting the npm registry with a new malware loader, XORIndex, as part of their broader Contagious Interview campaign. This attack highlights how software dependencies—trusted by developers worldwide—can become backdoors for sophisticated adversaries. The evolving tactics underscore why securing the supply chain is no longer optional.

Security
Over 600 Laravel Apps at Risk of Remote Code Execution Due to Leaked APP_KEYs on GitHub
600+ Laravel Applications Vulnerable to Remote Code Execution Due to Leaked APP_KEYs on GitHub
In today’s fast-moving development pipelines, even one leaked secret can turn a secure application into a breach waiting to happen. Security researchers recently uncovered a critical threat: over 600 Laravel applications are exposed to Remote Code Execution (RCE) attacks after sensitive APP_KEYs were found publicly leaked on GitHub. This key isn’t just a string—it’s a gateway into encrypted sessions, authentication flows, and sensitive application data. The incident serves as a stark reminder of the importance of robust secrets management and secure development practices.

Security
Taiwan Flags TikTok, Weibo, RedNote as Data Security Threats Due to China Links
Taiwan’s National Security Bureau has raised serious concerns over China-developed apps like TikTok, Weibo, and RedNote—citing invasive data collection and transmission practices. RedNote failed all 15 security indicators in their assessment, with TikTok and Weibo close behind. These aren’t isolated concerns. Governments across the globe—from India to Canada—are now responding to the broader risks of geopolitical influence through digital platforms.

Security
Escalating Iranian Cyber Threats Target U.S. Defense and Critical Infrastructure
A recent advisory from U.S. cybersecurity and intelligence agencies warns of a growing wave of cyber activity linked to Iranian state-sponsored groups—targeting defense contractors, OT systems, and critical infrastructure. The methods may seem familiar, but their impact is increasingly sophisticated—leveraging reconnaissance tools, remote access trojans, and legitimate admin utilities like PsExec and Mimikatz to quietly move through environments undetected.

Security
Severe Open VSX Vulnerability Opens Door to Supply Chain Attacks
A critical flaw in the Open VSX Registry—used by tools like Gitpod, Google Cloud Shell Editor, and Cursor—has revealed just how vulnerable trusted software ecosystems can be. This vulnerability allowed attackers to exploit the extension publishing workflow, potentially injecting malicious code with broad reach into millions of developer environments.

Security
DHS Warns of Heightened Cyberattacks by Pro-Iranian Groups Amid Middle East Tensions
The recent DHS advisory highlights a growing digital fallout from physical conflicts. As cyberattacks by pro-Iranian groups intensify, organizations are once again reminded of the vulnerabilities that exist across networks, endpoints, and users.

Security
Retail Under Threat: Cyber Resilience in the Grocery Industry
The grocery industry is undergoing a digital transformation—but with it comes a surge in cyber threats. Imagine walking into your local supermarket only to find empty shelves and frozen checkouts. In 2025, that became a reality for major UK retailers like Tesco, Marks & Spencer, and Harrods—crippled not by supply issues, but by targeted cyberattacks. From ransomware and phishing to legacy IT systems and supply chain vulnerabilities, grocery retailers are facing a perfect storm of cybersecurity challenges. With over 40% of grocery chains reporting major cyber incidents and average recovery costs topping USD 2.13 million, the stakes have never been higher.

Security
Crypto Crackdown: $7.74M in Crypto Seized from North Korea’s Fake IT Ops
The recent seizure of $7.74 million in cryptocurrency by the U.S. Department of Justice (DoJ) exposes a sophisticated and evolving cybercrime operation connected to North Korea. This network has been exploiting the global remote work and cryptocurrency ecosystem to circumvent international sanctions, fund illicit activities, and sustain the regime’s cyber ambitions. What can cybersecurity professionals learn from this case, and how should organizations adjust their defenses accordingly?