Why Security Nudges Took Off

Blog

Byadmblake July 25, 2025

Nudges can be powerful — but they are not immune to overuse or misapplication.

Blog

Browser Exploits Wane as Users Become the Attack Surface

For browsers, exploitation is out — getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they’ve accepted the challenge.

Read More Browser Exploits Wane as Users Become the Attack Surface
Blog

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials

Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. “The polymorphic extensions create a pixel perfect replica of the target’s icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to

Read More Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Blog

Ivanti Connect Secure Zero-Day Vulnerability

What are the Vulnerabilities?Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. CVE-2025-0282 is an unauthenticated stack-based buffer overflow affecting Ivanti Connect Secure, Policy Secure, and ZTA Gateways. Successful exploitation could result in unauthenticated remote code execution and CVE-2025-0283 is a stack-based buffer overflow in Ivanti Connect Secure before version…

Read More Ivanti Connect Secure Zero-Day Vulnerability
Blog

ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates…

Read More ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
Blog

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

As part of the latest “season” of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enforcement operation targeting services and infrastructures assisting in or directly providing initial…

Read More 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
Blog

As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks

Iran and its supporters have taken to cyberspace to retaliate for US-Israeli military action, with an aim to cause economic and physical disruption.

Read More As War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks

Related