Besides ransomware and phishing, application supplier risk is a growing concern, as attacks against code repos are getting more frequent.

Universities are valuable "brands" for attackers to use in email impersonation attacks. Too few use DMARC to counter the attacks.

Kubernetes adoption is growing fast, creating a gap in skills and management tools.

A survey of more than 500 IT security decision makers in US and UK organizations details the impact of ransomware.

VMware is urging administrators to patch several critical vulnerabilities. Fortunately, not so critical as last year's Vsphere bugs.

Test environments and datasets containing real customer data are a source of data leak risk.

An unexpected slowdown in ransomware attacks due to volatility in cryptocurrency markets and law-enforcement focus.

Threat actors are increasingly using container files such as ISO, RAR and LNK shortcuts to distribute Office macro malware.

Mobile apps in production are vulnerable to threats, but the risks receive lower priority and funding.