2026 Cybersecurity Forecast: Six Expert Predictions Worth Paying Attention To As we roll toward 2026, we asked a few of Radware’s sharpest minds to weigh in on what’s on the horizon for cybersecurity next year. Radware |December 15, 2025
Was it Aisuru? The reality of DDoS Attack Attribution Right now, Aisuru dominates the headlines due to several record-breaking attacks being attributed to it. As a result, any DDoS incident above 1 Tbps inevitably prompts the same question: “Was it Aisuru?” Pascal Geenens |December 10, 2025
Synthetic Vulnerabilities: Why AI-Generated Code is a Potential Structural Security Crisis Recent studies show a rapid rise in AI-assisted development: in 2024-2025, between 25% and 35% of newly written code in large organizations is already influenced or partially generated by LLMs. Ori Meidan |December 09, 2025
Deconstructing the Cashout Attack Kill Chain: Five Overlooked Indicators Statistically speaking, the vast majority of malicious bot attacks across the web are driven by credential stuffing attacks, as threat actors use breached credentials to take over accounts of credential-recycling users. Arik Atar |November 24, 2025
Belgium in the Crosshairs: Russia’s Hybrid Pressure Campaign Over NATO’s Capital Belgium – host to NATO HQ, SHAPE, the EU Commission, and one of Europe’s densest intelligence ecosystems – sits at the geopolitical center of Western defense and policymaking. Pascal Geenens |November 06, 2025
MCP and the Supply-Chain Problem As LLMs become the glue between humans and external systems, the way we integrate third-party services matters more than ever. Model Context Protocol (MCP) and ChatGPT connectors expose new kinds of vulnerability, where tools and manifests can carry the attack. Ori Meidan |October 23, 2025
Weaponizing Images: Prompt Injection Meets Dark AI Imagine this – you use your favorite AI assistant, and you send it a seemingly innocent image, when, all of a sudden, emails with sensitive information scraped from your computer are sent to an unknown email address. Ori Meidan |October 14, 2025
ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent We found a zero-click flaw in ChatGPT’s Deep Research agent when connected to Gmail and browsing: A single crafted email quietly makes the agent leak sensitive inbox data to an attacker with no user action or visible UI. Co-Lead Researchers: Zvika Babo, Gabi Nakibly; Contributor: Maor Uziel |September 18, 2025
CVE is the new PoC In a previous blog, I wrote about proof of concept (PoC) exploits and the risks involved in publishing them before a patch is available. Ori Meidan |September 10, 2025
Mr Hamza’s Abyssal DDoS Mr Hamza is a prominent hacktivist group that has claimed over 250 DDoS attacks within the past three months alone. Ori Meidan |September 03, 2025
The Price of Transparency: PoCs, Disclosure and Unsecured Hardware A proof of concept (PoC) is a piece of code or a process designed to demonstrate that a vulnerability is real and exploitable. Ori Meidan |August 19, 2025
Radware’s H1 Global Threat Analysis: The Rising Tide of Cyberthreats in 2025 The first half of 2025 marked a decisive escalation in the sophistication, scale, and persistence of digital threats. Across nearly every attack vector monitored by Radware, cyberthreat activity intensified, led by surges in Web DDoS attacks, application-layer exploitation, hacktivist campaigns, and the aggressive proliferation of bad bots. Pascal Geenens |August 11, 2025