Archive for January 8, 2026

The Vibe Coding Security Gap & The New SHIELD Framework From Unit 42

Posted in Commentary on January 8, 2026 by itnerd

Today, Unit 42 released new analysis on vibe coding’s hidden security risks and threats. AI-assisted “vibe coding” has officially gone mainstream with 99% of organizations now using AI agents in software development (State of Cloud Security Report 2025). But while AI-assisted coding dramatically boosts speed and productivity, it is also generating insecure code faster than security teams can review or remediate it – introducing vulnerabilities, technical debt, and real-world breach risks at an unprecedented scale.

This is a serious problem, and too many organizations are ignoring long-standing industry principles such as “least privilege,” sacrificing secure development standards for speed and functionality. To compound this, the rise of Citizen Developers who lack code review literacy is accelerating the deployment of insecure code, and supply chain weaknesses are being introduced at worrying rates.

To address this, Unit 42 is introducing the SHIELD framework to reintroduce secure design into AI-assisted coding.

Read the full analysis for more details.

2025 Saw New Highs for Credential Theft, Dark Web Centered on Commercial Exchange, Ransomware and Akira and More

Posted in Commentary on January 8, 2026 by itnerd

According to a just-released report by threat intelligence company SOCRadar, 2025 saw:

  • New highs for credential theft: a total of 388 million credentials were stolen from the ten most affected platforms. Facebook accounted for 93 million records, followed by Google with 67 million and Roblox with 66 million.
    • Gaming platforms were hit especially hard. Roblox, Twitch, and Epic Games together accounted for around 100 million accounts.
  • Dark Web activity centered on commercial exchange, with sales accounting for 59% of observed activity, while 33% involved sharing stolen data and hack announcements made up around 5%.
    • The US appeared in nearly 20% of all forum discussions, making it the most referenced country. Public Administration led sector discussions at 13%, followed by Information and Finance at around 10% each.
  • Ransomware Activity Spread Across Groups – Akira led with 8.4% of incidents, followed by Qilin at 7.3% and Cl0p at 5.8%. No group controlled a large share of the landscape.
    • The US saw 41% of all ransomware attacks, while the United Kingdom followed with 18%. Australia, Japan, and Canada completed the top five. English-speaking countries together accounted for more than 60% of reported cases.

What Do These Numbers Mean?

These developments form a connected chain. Credentials are stolen through malware. That access is sold on Dark Web forums. Ransomware groups purchase it and use it to launch attacks. This process creates various risks for organizations on multiple fronts. Employees are targeted first through personal or work accounts. Compromised credentials then become gateways to larger incidents.

The 388 million stolen credentials represent more than isolated breaches. They serve as entry points that enable broader and more damaging attacks.

The full report covers:

The 2025 End of Year Report expands on these findings, including:

  • Stealer log distribution
  • Dark Web activity
  • Ransomware threats
  • Global phishing activity
  • And a summary of the threat landscape in 2025

To view the full report, see this link: End of The Year 2025 Cyber Analysis

NordPass launches Authenticator for personal accounts

Posted in Commentary on January 8, 2026 by itnerd

NordPass simplifies secure logins by including Authenticator, available on multiple devices, in the application for personal use. The time-based one-time password (TOTP) support enables users to add an extra layer of security to their accounts with two-factor authentication, without the need to download or install additional applications. Authentication codes are synchronized within the account, letting users access them on both the mobile app and the browser extension.

NordPass Authenticator stands out in the market with an added biometric layer that protects verification codes. Unlike most authentication apps, which display codes as soon as a user logs in, NordPass Authenticator requires biometric verification before revealing the security code. This true second-factor approach enhances security without compromising the user experience. Business users have already been able to access NordPass Authenticator to secure their corporate accounts. Now NordPass Authenticator is available for Premium and Family plan users.

Moreover, users will benefit from autofilling TOTP codes on any device. This will bring more convenience when logging in to banking, social media, and other high-security services, browsing in incognito mode, or switching between devices.

Additionally, sharing access to accounts protected by two-factor authentication is inconvenient and often insecure – people tend to send codes through chats or SMS, which puts their accounts at risk. Moreover, relying on SMS prompts increases vulnerability to manipulation by smishing. This lack of a simple, secure way to manage and share logins protected by second-factor authentication makes everyday digital tasks complicated.

With TOTP support, NordPass functions as an authentication tool, generating two-factor codes for any credential the user has configured. For each account with two-factor authentication enabled, the user must first add its TOTP setup key to the corresponding item in the vault. Once the secret key is added, NordPass will generate the time-based codes that can be used when the service prompts for them during login.