Leveraging Knowledge to Manage Your Data Risks
As we have warned before, threat actors using QR codes in attacks against victims continue to rise. To illustrate the risk, on January 8, 2026, the FBI issued a FLASH alert, entitled “North Korean Kimsuky Actors Leverage Malicious QR Codes in Spearphishing Campaigns Targeting U.S. Entities.”
The alert warns that North Korean state-sponsored actors (Kimsuky)…
Happy New Year! 2025 was a busy year for the Insider authors—we published 271 posts throughout 2025. To kick-off 2026, in case you missed them last year, we are providing the articles from 2025 that were the most interesting to our readers across various categories.
We hope you enjoy them and look forward to another…
Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 may inform our strategy and budgeting for 2026 to prepare for the continued onslaught of attacks.
According to Dark Reading, the top five security threats from 2025 include:
Salt…
On December 19, 2025, the Federal Bureau of Investigation (FBI) published an Alert warning the public that it has data from as far back as 2023 that “malicious actors have impersonated senior U.S. state government, White House, and Cabinet level officials, as well as members of Congress to target individuals, including officials’ family members and…
700Credit, a Michigan-based company that runs credit checks and identification verification services for automobile dealerships nationwide, has announced that an “integrated partner” was compromised, allowing a bad actor to obtain unauthorized access to its network of information about individuals whose credit the company checked. The incident was discovered on October 25, 2025.
Michigan officials confirmed…
On November 25, 2025, the Federal Bureau of Investigation (FBI) published a Public Service Announcement warning that cyber criminals are “impersonating financial institutions to steal money or information in Account Takeover (ATO) fraud schemes.” These schemes target individuals and businesses of all sizes across all sectors. According to the announcement, “Since January 2025, the FBI…
Deepfakes continue to be problematic for organizations and individuals. They are hard to detect and hard to respond to when used in an attack against a company.
To respond to this ongoing, and increasingly prevalent, problem, cyber insurer Coalition announced this week that it will expand coverage for “certain incidents where AI and deepfakes lead…
On November 24, 2025, the Cybersecurity & Infrastructure Security Agency (CISA) issued an alert titled “Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications,” which outlines how “multiple cyber threat actors” are “leveraging commercial spyware to target users of mobile messaging applications.”
The threat actors “use sophisticated targeting and social engineering techniques to…
A November 13, 2025, a Cybersecurity Advisory warned that new activity by the Akira ransomware variant “presents an imminent threat to critical infrastructure.” The Advisory was jointly issued by four U.S. agencies, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency, the Department of Defense Cyber Crime Center, and the Department of…
