Real-world asset (RWA) tokenization is gaining momentum as a promising innovation on Wall Street. The US GENIUS Act, which establishes a regulatory framework for the $260 billion stablecoin market, is expected to accelerate growth in the sector. The legislation, signed into law by US President Donald Trump, is a strong signal that Congress is ready to support responsible blockchain innovation. Stablecoins, often excluded from RWA industry metrics, are backed by government bonds and other tangible assets, making them a key on-ramp for tokenization’s future growth. A favorable regulatory environment in the US will be a major catalyst for the continued evolution and adoption of tokenized assets. To date, much of the growth in tokenized assets has been concentrated in private credit and US Treasury debt. The initial adoption of tokenization has been centered on bringing legacy financial assets onto modern digital rails, with treasuries and private credit being perfect starting points. As the financial infrastructure matures, it will focus on unlocking new financial products and global participation. Aptos Labs is emerging as a hub for RWA activity, with the value of tokenized RWAs on the Aptos blockchain exceeding $540 million in late June.
SonicWall launches Generation 8 firewalls with unified cloud management, embedded zero trust access, real-time co-managed security, and industry-first cyber warranty for MSP scalability
Cybersecurity firm SonicWall launched new firewalls as part of its Generation 8 portfolio, positioning the company as a go-to platform for managed service providers and managed security service providers. SonicWall’s platform is anchored by its Unified Management system, a single cloud console that streamlines the management of firewalls, network policies, access controls and accounts to reduce operational complexity. Every firewall in the portfolio includes built-in Zero Trust Network Access licenses, enabling secure remote access that is easy to deploy and well-suited for modern cloud environments. To further support partners, SonicWall offers SonicSentry Co-Managed Security, providing optional 24/7 monitoring, patching and monthly reporting from its team of experts. Each managed firewall also comes with an industry-first embedded cyber warranty, delivering $200,000 in coverage through the Managed Protection Security Suite for added peace of mind. SonicWall’s Generation 8 release features eight new firewall models, ranging from the ultra-compact TZ280 to the high-performance NSa 5800. Each is engineered, the company claims, to deliver best-in-class security, performance, and scalability for small offices, distributed environments and midsized enterprises. Each model includes cloud-native management that has been built for service providers through SonicWall Unified Management, built-in zero trust capabilities, the latest SonicOS enhancements and is protected by SonicWall’s embedded cyber warranty. The entire Generation 8 lineup can also be purchased with MPSS, enabling co-managed security services delivered by the SonicSentry team of security professionals. SonicWall’s platform is built to address real-world MSP challenges, supporting everything from cloud-first organizations and remote workforces to distributed enterprises. The platform delivers small to medium-sized businesses and midmarket security firms with embedded zero trust, allows for centralized oversight in multitenant environments, and offers compliance-friendly co-management with built-in monthly health reports.
Surge in coordinated scans targets Microsoft RDP auth servers suggesting setting up of future credential-based attacks, such as brute force or password-spray attacks
Internet intelligence firm GreyNoise reports that it has recorded a significant spike in scanning activity consisting of nearly 1,971 IP addresses probing Microsoft Remote Desktop Web Access and RDP Web Client authentication portals in unison, suggesting a coordinated reconnaissance campaign. The researchers say that this is a massive change in activity, with the company usually only seeing 3–5 IP addresses a day performing this type of scanning. GreyNoise says that the wave in scans is testing for timing flaws that could be used to verify usernames, setting up future credential-based attacks, such as brute force or password-spray attacks. GreyNoise also says that 1,851 shared the same client signature, and of those, approximately 92% were already flagged as malicious. The IP addresses predominantly originate from Brazil and targeted IP addresses in the United States, indicating it may be a single botnet or toolset conducting the scans. The researchers say that the timing of the attack coincides with the US back-to-school season, when schools and universities may be bringing their RDP systems back online. However, the surge in scans could also indicate that a new vulnerability may have been found, as GreyNoise has previously found that spikes in malicious traffic commonly precede the disclosure of new vulnerabilities. Windows admins managing RDP portals and exposed devices should make sure their accounts are properly secured with multi-factor authentication, and if possible, place them behind VPNs.
RedShield’s solution secures against DDoS and automated bot attacks by deploying an identity and intent challenge that requires a valid email address and a code sent to that email
RedShield has introduced a new cybersecurity feature called ‘Third Horizon’ to provide additional protection against Distributed Denial-of-Service (DDoS) and automated bot attacks. The technology disrupts attack methods and forces attackers to adapt in ways that traditional automated or artificial intelligence-driven tools cannot manage effectively. The Third Horizon feature challenges suspicious users seeking access to an application by requiring them to supply a valid email address and verify their identity using a code sent to that email. This adds complexity for attackers using automated systems, as they typically struggle to answer such requests at scale. RedShield’s service operates using a three-tiered architecture for threat defence. The first layer, the First Horizon, uses traffic profiling to block high-volume attacks and malicious traffic. The second layer focuses on sophisticated bot detection, targeting malicious bots attempting to appear as legitimate users. The Third Horizon provides an identity and intent challenge, requiring suspicious users to confirm an email address before accessing a site or application. Recent findings highlight the scale of the challenge facing organizations, with automated bots accounting for nearly half of all internet traffic in 2024 and DDoS attacks increasing 1800% globally from the third to the fourth quarter of last year. RedShield is extending its layered approach by offering the Third Horizon as an optional add-on service for customers requiring heightened protection.
Proton’s AI assistant uses zero-access encryption and keeps no logs of conversations, has end-to-end encryption for storing chats, offers a ghost mode for conversations and doesn’t require the user to have an account to use the chatbot
Privacy-focused productivity tools maker Proton released its AI assistant, called Lumo, which keeps no logs of conversations, has end-to-end encryption for storing chats, and offers a ghost mode for conversations that disappear as soon as you close the window. Lumo doesn’t require you to have an account to use the chatbot and ask questions. You can upload files to have the chatbot answer questions about them, and if you have a Proton Drive account, you can connect it with Lumo to access files stored in the cloud. While the chatbot has access to the web, it might not find you the latest results if you use it to search. Lumo is based on open source models, and will only depend on them for research and development going forward without utilizing user data to train its models. Lumo relies on zero-access encryption, an encryption method that other Proton products also use, to let users store their conversation history, which can be decrypted on the device. “Lumo is based upon open-source language models and operates from Proton’s European datacenters. This gives you much greater transparency into the way Lumo works than any other major AI assistant. Unlike Apple Intelligence and others, Lumo is not a partnership with OpenAI or other American or Chinese AI companies, and your queries are never sent to any third parties,” Proton said.
New wave of injection attacks exploits input manipulation, bypassing traditional checks; as a result liveness detection is no longer a value-added feature — it is now an essential component of security
Jumio warns about the rise of injection attacks as one of the most sophisticated and difficult-to-detect threats in identity verification processes. Unlike conventional identity spoofing methods —injection attacks bypass traditional fraud detection methods by manipulating the input channel itself. Instead of presenting an image or video in front of the camera, attackers alter the system at its source, compromising the integrity of the digital process. Their effectiveness can result in financial fraud, creation of fake identities, evasion of regulatory controls, and loss of user trust and strategic partner confidence. Given this scenario, liveness detection is no longer a value-added feature — it is now an essential component of security. To combat injection attacks, systems must be able to distinguish between a real person in front of a camera and a manipulated video source. Effective identity verification technologies against injection attacks should: Differentiate between a legitimate source and an emulated one, identifying whether the video comes from a real camera or software emulator. Accurately match the presented face with the ID document, ensuring biometric consistency. Detect invisible clues such as synthetic artifacts, repetitions, or inconsistencies in lighting, textures, and depth. Recognize suspicious patterns, like reused backgrounds in multiple attempts or pre-recorded videos presented as live input.
Cloudflare launches AI‑SPM to centrally visualize Shadow AI alongside new posture management, prompt‑level guardrails, and gateway policies to help teams block risky apps, limit uploads, and monitor usage
Cloudflare is introducing AI Security Posture Management (AI-SPM) into Cloudflare One, its Zero Trust platform to allow organizations to safeguard against a range of potential threats posed by the wide adoption of AI tools, enabling businesses to move faster with the confidence that AI is being used safely by all teams. Now, with the availability of all features, security teams will be able to: Discover how employees are using AI: With Cloudflare’s new Shadow AI Report, security teams can get instant insights from their traffic to gain a clear, data-driven picture of their organization’s AI usage. This granular view allows them to see not just that an employee is using an AI app, but which AI app, and what users are accessing it. Protect against Shadow AI: Cloudflare Gateway makes it easy to automatically enforce AI policies at the edge of Cloudflare’s network, ensuring consistent security for every employee, no matter where they work. Security teams can choose to fully block unapproved AI applications, limit the types of data uploaded into AI applications, and complete reviews of AI tools, to ensure they continue to meet security and privacy standards. Safeguard sensitive data without fully restricting AI usage: AI Prompt Protection allows security teams to identify potentially dangerous or risky employee interactions with AI models, and flag those prompts and responses. Policies can now be enforced inline at the prompt level to mitigate risk early on, and warn the employee about, or block them from, submitting sensitive data—like source code—being entered into an untrusted AI provider. This will give security teams the control they need to monitor company data that may be sent outside the organization, without fully restricting employees’ usage of AI tools. Gain visibility of AI model interactions with tools outside the business: Zero Trust MCP Server Control consolidates all MCP tool calls—a request from an AI model or application to a server to execute a specific task—into a single dashboard. This visibility ultimately allows all MCP traffic, regardless of origin, to be routed through Cloudflare for increased control and access management. Now, with centralized insights, security teams can set user-level policies at both the gateway and individual MCP server levels.
Google’s AI agent discovers a critical SQLite vulnerability using threat intelligence and was able to actually predict that it was imminently going to be exploited for carrying out a cyberattack
Google is introducing a new approach to cybersecurity, focusing on artificial intelligence as the first line of digital defence. The company has introduced Big Sleep, an AI agent developed by Google DeepMind in collaboration with Project Zero, which has successfully stopped a security threat before it was launched. The tool is also being used to strengthen the security of open-source software, increasing defensive coverage. Google’s secure-by-design approach emphasizes human oversight, transparency, and privacy. In addition to Big Sleep, Google is infusing AI into its security infrastructure: Timesketch, the company’s open-source forensics platform, now integrates Sec-Gemini-powered agents to automate incident response. FACADE, an insider threat detection tool, processes billions of security events each day using contrastive learning, without relying on historical attack data. A new AI-assisted Capture the Flag challenge at DEF CON 33 will give participants hands-on experience working alongside AI agents in real-time cyber defence scenarios.
Blink Operations no-code platform lets users create unlimited, tailored micro‑agents focused on specific security tasks by leveraging visual editors or natural‑language prompts to orchestrate actions from a library of 30,000+ integrations and pre-built workflows
Enterprise cybersecurity automation platform Blink Operations has raised $50 million in new funding to accelerate its go-to-market efforts and scale updeployment of its no-code cybersecurity micro-agents platform. BlinkOps offers cybersecurity automation that gives organizations the ability to build, collaborate on and scale up security workflows via artificial intelligence-driven, no-code and low-code interfaces. The company’s platform serves as an automation hub where security teams leverage visual editors or natural‑language prompts to orchestrate actions from a library of more than 30,000 integrations and pre-built workflows. BlinkOps’ Security Micro‑Agent Builder, which launched in April, provides a drag‑and‑drop, no-code interface that allows users to create unlimited, tailored micro‑agents focused on specific security tasks, such as identity and access management, patching, alert triage, device control or vulnerability response. Agents can be assigned defined roles, domain‑specific knowledge and secure operational abilities, offering deterministic and auditable automation. The company’s micro-agents can work collaboratively as agent “teams,” communicating with each other to manage complex multistep workflows. The idea is that by distributing work across role‑specialized agents, the platform avoids reliance on a single overload‑prone agent, enabling scalable, reliable automation while keeping human-in-the-loop flexibility where needed.
New Federal Reserve toolkits provide foundational knowledge and practical resources on scam and check fraud tactics, empowering payments professionals to recognize, prevent, and collaborate on defense
Federal Reserve has released two new toolkits: the Scams Mitigation Toolkit (Off-site) and Check Fraud Mitigation Toolkit (Off-site). The toolkits are intended to support education and increase awareness about scams and check fraud, enable the payments industry to better identify and fight them, and foster industry collaboration on fraud and scams mitigation. The initial releases of the Scams Mitigation Toolkit and Check Fraud Mitigation Toolkit focus on building foundational knowledge about different types of scams and check fraud; the tactics and human vulnerabilities that often enable these to succeed; and common scenarios that financial institutions, service providers, other businesses and individuals may encounter. In the fourth quarter of 2025, second releases of these two toolkits will offer additional insights and resources. These toolkits were developed by the Federal Reserve to help educate the industry about scams and check fraud. Insights for these toolkits were provided through interviews with industry experts, publicly available research and tea m member expertise. The toolkits are not intended to result in any regulatory or reporting requirements, imply any liabilities for fraud loss, or confer any legal status, legal definitions, or legal rights or responsibilities. While use of these toolkits throughout the industry is encouraged, their utilization is voluntary at the discretion of each individual entity. Absent written consent, the toolkits may not be used in a manner that suggests the Federal Reserve endorses a third-party product or service.