The 2025 SecurityScorecard Global Third-Party Breach Report analyzes 1,000 breaches and finds that 35.5% of 2024 incidents originated via third parties, a 6.5% rise from 2023, underscoring growing supply‑chain exposure and attacker emphasis on vendor access. The report highlights file transfer software, cloud services, state‑sponsored supply‑chain campaigns (notably linked to Chinese groups), prolific ransomware actors such as C10p, and concrete TPRM actions organizations should adopt now. #C10p #Ivanti
Category: Security Report
The 2025 State of Human Risk report shows that human behavior—not technology gaps—is now the dominant driver of breaches, with attackers leveraging AI-powered phishing, collaboration tools, and credential misuse to bypass traditional defenses. High-impact incidents such as the Change Healthcare breach illustrate the massive financial and operational consequences and underscore the urgent need for Human Risk Management and stronger collaboration-tool protections. #ChangeHealthcare #MicrosoftTeams
K7Security’s Q2 2025-26 Cyber-Threat-Monitor highlights a 19% global Infection Rate driven by persistent exploitation of legacy flaws (notably MS17-010/EternalBlue), widespread adware and hack-tool prevalence on Windows, and dominant Trojan activity on Android (86%) and macOS (88%). Executive findings emphasize “vulnerability debt,” human-centric phishing, supply-chain and edge-device attacks, and recommendations to prioritize patching, MFA, behavioral detection, and third‑party risk assessments. #MS17-010 #EternalBlue
The Q3 2025 Rapid7 Threat Landscape Report documents accelerating zero-day and mass-exploitation activity, consolidation and innovation among ransomware groups (notably Qilin), increasing supply-chain and nation‑state espionage, and the operationalization of AI for social engineering and evasive malware. Major metrics include 53 newly observed exploited CVEs, 88 active ransomware leak-site groups, and U.S. victims accounting for 67% of ransom posts; high-impact incidents targeted Microsoft SharePoint, CrushFTP, GoAnywhere MFT, and multiple Cisco products. #Qilin #LAMEHUG #SharePoint #GoAnywhere #CrushFTP #PathWiper
The H1 2025 ESET Threat Report documents rapid shifts in the threat landscape—highlighting the explosive rise of ClickFix social engineering, SnakeStealer’s emergence as the top infostealer, Android adware surges driven by Kaleidoscope, and a dramatic increase in NFC fraud. It also covers coordinated disruptions of Lumma Stealer and Danabot, growing ransomware infighting (including RansomHub and DragonForce), and key telemetry changes such as a 517% rise in ClickFix detections and a 160% jump in Android adware. #ClickFix #SnakeStealer
The report highlights a clear industry shift toward phishing-resistant, passwordless authentication and shows how identity strategy is increasingly tied to user experience and regulatory requirements. Key stats and trends call out broad passwordless adoption and rising threats like AI-driven social engineering that require adaptive, behavior-based defenses. #Descope #Passkeys
BioCatch’s Global Scams Report 2025 documents a rapid, global escalation in authorized push payment (APP) scams driven by real-time payments, social engineering, and GenAI-enabled scaling, and highlights the industrialization of fraud including trafficked scam compounds. The report pairs regional breakdowns, hard statistics, and a case study to show steep rises in vishing, smishing, romance, and investment scams and calls for behavioral-intelligence defenses and cross-industry collaboration. #BioCatch #FasterPayments
The State of SaaS Security 2025 Report documents a sharp rise in SaaS-related incidents despite widespread confidence in protections, highlighting misconfigurations, permission issues, and weak continuous oversight as primary drivers. The report urges a shift to continuous monitoring, clear ownership, and governance for AI-enabled integrations to close the gap between perceived visibility and actual security. #AppOmni #Microsoft365
This Ponemon Institute report, sponsored by OPSWAT, summarizes survey responses from 612 U.S. IT and security practitioners about file security risks, controls, technologies, and AI adoption. Key takeaways include high incident frequency and cost (average $2.7M), dominant insider and file-visibility risks, concern over macro-based and zero-day malware, and increasing use of CDR, DLP, multiscanning, SBOMs, and AI in defenses. #OPSWAT #PonemonInstitute #MacroBasedMalware #ZeroDay
Latio’s 2025 AI Security Market Report cuts through marketing-driven confusion to map a fragmented AI security landscape, define four primary use-case categories, and explain the specific risks each category addresses. It highlights how VC-fueled hype has blurred vendor distinctions, stresses that tool choice should be guided by an organization’s risk profile, technology stack, and priorities, and includes a practical decision flowchart and vendor market breakdown. #Latio #AI-TRiSM
The GuidePoint / Ponemon 2025 Identity and Access Management (IAM) Maturity Report finds most organizations remain in early-to-mid IAM maturity, with pervasive manual processes, underinvestment in IAM, and 50% of organizations experiencing an identity-based security incident in the prior 12 months. High performers (23% of respondents) show measurable benefits from automation and advanced identity technologies, while adoption growth is strongest for AI, ITDR, ISPM, IGA, and biometric/passwordless approaches. #GuidePoint #PonemonInstitute
Hiya’s State of the Call 2025 analyzes 262.8 billion calls and surveys of 12,003 consumers, 1,802 workers, and 600 IT/security leaders to highlight five major voice-call trends: ongoing reliance on voice, pervasive trust and security issues, a sharp rise in AI-generated deepfakes, measurable financial losses, and gaps in protective investments. The report finds 25% of spam calls in a Q1 honeypot used AI-generated audio, 39% of consumers encountered a deepfake in a recent three-month period, and recommends layered defenses such as branded calling, anti‑spoofing, and AI detection. #Deepfake #Hiya
The 2025 State of Detection Engineering at Elastic summarizes detection engineering work from October 2023 to October 2024, covering real-world incident responses, rule development lifecycles, CI/Detections-as-Code practices, and extensive telemetry and integration enhancements across endpoint, cloud, and SaaS platforms. Key highlights include rapid coverage for the CUPS RCE disclosures, detection and analysis of activity group REF6138 and a DPRK malicious NPM campaign, expansion of kernel and macOS telemetry, an AWS CloudTrail/Okta rule audit (50+ tunings, 40+ new rules, 17 hunting queries), and operational metrics such as processing 500+ malware samples/day with a 99% detection goal. #CUPS #CVE-2024-47076 #REF6138 #ElasticDefend #AWSCloudTrail #Okta #ScatteredSpider #Panix #SWAT #DEBMM #ElasticSecurityLabs #NPM #DPRK
TRM Labs’ Global Crypto Policy Review & Outlook 2025/26 surveys policy developments across 30 jurisdictions, showing stablecoins at the center of regulatory efforts, rising institutional adoption, and clearer rules reducing illicit activity among regulated VASPs. The report highlights critical incidents and coordination gaps—most notably North Korea’s $1.5 billion hack of Bybit—and calls for consistent cross-jurisdictional standards and real-time information sharing to limit exploitation of unregulated infrastructure. #Bybit #NorthKorea
Yubico’s 2025 Global State of Authentication report exposes a large gap between perceived and actual authentication security: employees and organizations rely heavily on passwords and SMS while many lack up-to-date training, and AI-driven attacks are increasing both threat sophistication and user concern. The report urges widespread MFA adoption—especially device-bound passkeys and hardware security keys—supported by education and consistent policies to close vulnerabilities. #Yubico #YubiKey