Abnormal AI is introducing autonomous AI agents that revolutionize how organizations train employees and report on risk, while also evolving its email security capabilities to continue to stop the world’s most advanced email attacks. The launch of AI Phishing Coach allows organizations to replace ineffective, generic training with a personalized, autonomous AI platform. By converting real attacks blocked by Abnormal into tailored simulations for each user, it delivers instant coaching modules when users click—no more canned videos or impersonalized courses. For company-wide training, AI-generated videos are created on-demand, branded, and customized to each organization’s threat landscape. AI Phishing Coach uses real-time behavioral threat data to deliver hyper-relevant training experiences. Because it’s powered by Abnormal’s behavioral AI engine, it learns from each organization’s threat environment and adapts training dynamically—providing proactive education before attacks succeed. Abnormal is also launching AI Data Analyst to turn complex security data into instantly usable intelligence—providing admins with better reporting tools and saving teams dozens of hours in manual data aggregation. AI Data Analyst acts as an intelligent agent that proactively delivers reports directly to customers, highlighting the value Abnormal is bringing to their organization. Customers can then interact with the agent to ask follow-up questions, explore specific data points, or request customized board decks—complete with interactive slides and plain-language insights—tailored to showcase the impact of Abnormal AI on their security posture. Abnormal is rolling out three no-cost upgrades to Inbound Email Security, now available to all customers: 1) Quarantine Release: Consolidates Microsoft-quarantined emails into the Abnormal platform for streamlined triage and faster response; 2) URL Rewriting: Adds user-facing warnings and click tracking for suspicious links, improving protection without disrupting the email experience. 3) Enterprise Remediation Settings: Allows administrators to tailor remediation actions based on threat type and business context.
Bugcrowd’s crowdsourced red teaming as a service RTaaS connects customers with a global network of vetted, trusted ethical hackers tailored to needs, budgets and organizational maturity
Bugcrowd the first-ever offering to apply the scale, agility, and incentive-driven power of crowdsourcing to red teaming. This new service connects customers with a global network of vetted ethical hackers for a variety of red team engagements—fully managed through the Bugcrowd Platform. This release sets a new benchmark in the red team services market, enabling organizations to test their security environments with the highest level of confidence. By tapping into a global pool of experts using the latest adversarial tactics, techniques, and procedures (TTPs), customers gain unparalleled insight into how real-world attackers would attempt to breach their defenses. Available on the Bugcrowd Platform, RTaaS works seamlessly alongside offerings such as Penetration Testing as a Service, Managed Bug Bounty, and Vulnerability Disclosure Programs. Bugcrowd customers can tailor their RTaaS engagements to meet specific needs, budget constraints, and organizational maturity. Through Bugcrowd’s global talent pool of vetted, trusted ethical hackers, customers can secure the exact expertise they need and scale their RTaaS program over time, surpassing competing services on the market. Bugcrowd’s industry-first offensive crowdsourced RTaaS bridges this critical security gap, opening the door for our customers to access high-end capabilities that deliver crucial insights into their defensive posture—continuously,” says Dave Gerry, CEO of Bugcrowd. Key features of RTaaS on the Bugcrowd Platform: Threat intelligence aligned with realistic scenarios; Real-world adversarial tactics; Global pool of specialized operators; Integrated platform and workflows; Scalable and flexible; High return on investment
Minimus platform reduces cloud software vulnerabilities by building container images directly from upstream project sources and including only the essential components needed to run applications
Application security startup Minimus has raised $51 million in an exceptionally large seed round to support the rollout of its platform, which claims to eliminate 95% of software supply chain vulnerabilities. Minimus offers a solution that is said to radically reduce cloud software vulnerabilities. The company’s platform transforms application security by breaking free from the cycle of detection, triage and remediation, allowing chief information security officers and developers to entirely avoid nearly all vulnerabilities. Minimus offers secure, minimal container images and virtual machines that seamlessly replace existing artifacts anywhere in the development workflow. Requiring only a single change to deployment configurations, the Minimus platform can help organizations realize an immediate decrease in vulnerability exposure, vastly accelerating remaining remediation efforts. Under the hood, Minimus builds images directly from upstream project sources, including only the essential components needed to run applications. The methodology reduces the attack surface, providing a lightweight, secure alternative to traditional development artifacts that doesn’t disrupt existing workflows or tools. The platform also integrates real-time threat intelligence to give developers and security teams insights into active exploits and vulnerability metrics, including Exploit Prediction Scoring System metrics and Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities. Doing so allows teams to focus their efforts on the small fraction of remaining risks, streamlining prioritization and significantly improving operational efficiency.
Pillar Security’s tech auto-maps all AI-related assets across the organization and uses real-world threat intelligence to address AI-specific risks such as evasion attacks, data privacy and intellectual property leakage
AI security startup Pillar Security has raised $9 million in seed funding to expand its research and development (R&D) and go-to-market efforts. Pillar Security’s solution is designed to meet the needs of a new age in which “software has gained agency and data itself has become executable,” Pillar Security CEO and Co-founder Dor Sarig said. “Pillar’s technology, backed by real-world AI threat intelligence, is built with this understanding, delivering a new class of protection designed explicitly for AI-related security risks,” Sarig said. “We are redefining application security to match the agentic and autonomous software of the Intelligence Age.” The company’s security platform is specifically designed for AI-integrated software systems and addresses AI-specific risk areas like evasion attacks, data poisoning, data privacy and intellectual property leakage. The platform integrates with an organization’s existing code repositories, data infrastructures and AI/ML platforms, automatically maps all AI-related assets across the organization, tests AI models and deploys guardrails that proactively prevent failures.
Interlock ransomware group’s attack tactics evolve from initial social engineering involving browser update lures to software updates, masquerading as security products
Interlock, a sophisticated ransomware threat, has been expanding since its first appearance in September 2024. The malware uses a multi-stage attack chain, compromising legitimate websites to deliver fake browser updates to unsuspecting users. The group operates across various sectors in North America and Europe, using an opportunistic target selection approach. Interlock cannot be classified as a Ransomware-as-a-Service (RaaS) operation, as no advertisements for recruiting affiliates have been discovered. The group maintains a data leak site called “Worldwide Secrets Blog” where they expose victim data and provide negotiation channels. Despite continuing operations, Interlock has claimed fewer victims than more prolific ransomware groups that claimed over one hundred victims in Q1 2025 alone. Sekoia Threat Detection & Research (TDR) team analysts have identified significant evolution in Interlock’s tactics since its emergence. The initial infection vector relies on social engineering, tricking users into downloading and executing fake browser updates. The attackers have evolved their tactics, switching from browser update lures to security software updaters, masquerading as security products.
Blackhawk Network launches sustainable, fiber-based gift card substrate offering a new level of card resilience and manufacturing compatibility through its unique 30-point thickness and proprietary treatments
Global branded payments provider Blackhawk Network (BHN) has partnered with Monadnock Paper Mills to introduce Renovo, a new sustainable, fiber-based gift card substrate that brings differentiated features to the global gift card market. A more eco-friendly alternative to PVC, Renovo also introduces a new level of card resilience and manufacturing compatibility through its unique 30-point thickness and proprietary treatments. Just over two years after formally revealing its public-facing initiatives to create a more sustainable future for the gift card industry, BHN has exceeded its goal to convert at least 75% of its globally distributed physical gift cards to fiber-based substrates by the end of 2024, with a current conversion rate of 85%. Renovo benefits include: 100% Post-Consumer Recycled Fiber, Manufactured Carbon Neutral, Recyclable, Multi-Platform Coating for Printing Versatility, Seamless Transition from Plastic
Pillar Security’s tech auto-maps all AI-related assets across the organization and uses real-world threat intelligence to address AI-specific risks such as evasion attacks, data privacy and intellectual property leakage
AI security startup Pillar Security has raised $9 million in seed funding to expand its research and development (R&D) and go-to-market efforts. Pillar Security’s solution is designed to meet the needs of a new age in which “software has gained agency and data itself has become executable,” Pillar Security CEO and Co-founder Dor Sarig said. “Pillar’s technology, backed by real-world AI threat intelligence, is built with this understanding, delivering a new class of protection designed explicitly for AI-related security risks,” Sarig said. “We are redefining application security to match the agentic and autonomous software of the Intelligence Age.” The company’s security platform is specifically designed for AI-integrated software systems and addresses AI-specific risk areas like evasion attacks, data poisoning, data privacy and intellectual property leakage. The platform integrates with an organization’s existing code repositories, data infrastructures and AI/ML platforms, automatically maps all AI-related assets across the organization, tests AI models and deploys guardrails that proactively prevent failures.
Interlock ransomware group’s attack tactics evolve from ini tial social engineering involving browser update lures to software updates, masquerading as security products
Interlock, a sophisticated ransomware threat, has been expanding since its first appearance in September 2024. The malware uses a multi-stage attack chain, compromising legitimate websites to deliver fake browser updates to unsuspecting users. The group operates across various sectors in North America and Europe, using an opportunistic target selection approach. Interlock cannot be classified as a Ransomware-as-a-Service (RaaS) operation, as no advertisements for recruiting affiliates have been discovered. The group maintains a data leak site called “Worldwide Secrets Blog” where they expose victim data and provide negotiation channels. Despite continuing operations, Interlock has claimed fewer victims than more prolific ransomware groups that claimed over one hundred victims in Q1 2025 alone. Sekoia Threat Detection & Research (TDR) team analysts have identified significant evolution in Interlock’s tactics since its emergence. The initial infection vector relies on social engineering, tricking users into downloading and executing fake browser updates. The attackers have evolved their tactics, switching from browser update lures to security software updaters, masquerading as security products.
New Gmail hack attack employs an OAuth application and “creative DomainKeys Identified Mail workaround” to fool victims into thinking a security alert email originated from Google itself
The latest Gmail hack attack involves a sophisticated phishing campaign that employs the use of an OAuth application and what has been described as a “creative DomainKeys Identified Mail workaround” to fool victims into thinking a security alert email originated from Google itself. In other words, it has managed to bypass the exact protections that Google has put in place to help prevent such attacks in the first place. Google says you have 7 days in which they can undo the damage and regain access to that hacked account. The good news is that Google has confirmed it is putting out updated protections that counter the threat methodology used in this attack. “These protections will soon be fully deployed, which will shut down this avenue for abuse.” Anyone who finds themselves locked out of their Gmail account following a successful attack, where the hacker has changed their account password and recovery methods, still has seven days in which they can undo the damage and regain access to that hacked account.