Orem, United States, November 18th, 2025, CyberNewsWire SecurityMetrics, a leading innovator in compliance and cybersecurity, today announced that…

Orem, United States, November 18th, 2025, CyberNewsWire

SecurityMetrics, a leading innovator in compliance and cybersecurity, today announced that its Shopping Cart Inspect (SCI) solutions has been selected as winner of the **“Data Leak Detection Solution of the Year”** award in the 9th annual CyberSecurity Breakthrough Awards program. Conducted by CyberSecurity Breakthrough, an independent market intelligence organization, the annual program recognizes the most innovative companies, products, and technologies driving progress in the global information security industry.

SCI reduces the chances of an e-commerce skimming attack through the inspection of a website’s shopping cart by a SecurityMetrics Forensic Investigator. The process involves the use of **patented WIM Technology** to determine if a website has fallen victim to JavaScript payment skimming. WIM technology can detect web skimming at the moment it is triggered and will alert a merchant if a webpage has been compromised, through tools like Shopping Cart Inspect and Shopping Cart Monitor.

Using Inspect, SecurityMetrics Forensic Analysts review the rendered webpage code in a shopping cart URL to collect evidence of a skimming attack. Inspect is non-intrusive and website reviews are conducted without business interruption or merchant installation/intervention.

Following the inspection, SecurityMetrics Forensic Analysts create a **risk report** illustrating a risk rating and include a list of vulnerabilities, ranking them from medium to high-risk based on the CVSS scale. The reports include a description of malicious JavaScript, identification of suspicious URLs on the website, a list of third-party domains participating in the e-commerce experience, and remediation recommendations. 24/7 technical support is also available to help with remediation.

> “We understand how important it is to keep a business running as usual, so we designed SCI to discover website skimming attacks while still allowing business to continue uninterrupted. Our solution has been purpose-built to strengthen merchants, and our Forensic Analysts are at the forefront of emerging cyber threats,” said Brad Caldwell, CEO of SecurityMetrics. “Our e-commerce investigations conducted by our expert Forensics Investigators will continue to identify trends that we will meet head-on with solutions that prioritize security technology for our valued global customer base.”

The 2025 awards program received thousands of nominations from more than 20 countries around the world, representing everything from disruptive startups to established global enterprises. This year’s winners embody the cutting edge of cybersecurity technology, delivering next-generation protection and resilience in today’s increasingly complex threat landscape.

> “SecurityMetrics knows that keeping your website up and running is vital to your business,” said Steve Johansson, managing director, CyberSecurity Breakthrough. “SCI from SecurityMetrics helps businesses tackle vulnerabilities confidently and gives them the tools and support they need to identify malicious scripts, protect their business, and ensure customer trust. That makes SCI our choice for 2025’s ‘Data Leak Detection Solution of the Year!’”

**About SecurityMetrics**

SecurityMetrics secures peace of mind for organizations that handle sensitive data. They have tested over 100 million systems for data security and compliance. Industry standards don’t keep up with the threat landscape, which is why SecurityMetrics hold their tools, training, and support to a higher, more thorough standard of performance and service. Never have a false sense of security.

**About CyberSecurity Breakthrough**

Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more. For more information, users can visit CyberSecurityBreakthrough.com.

Tech Breakthrough LLC does not endorse any vendor, product or service depicted in our recognition programs, and does not advise technology users to select only those vendors with award designations. Tech Breakthrough LLC recognition consists of the opinions of the Tech Breakthrough LLC organization and should not be construed as statements of fact. Tech Breakthrough LLC disclaims all warranties, expressed or implied, with respect to this recognition program, including any warranties of merchantability or fitness for a particular purpose.

**Contact**

Corporate Communications Manager

Landry French

SecurityMetrics

landry.french@securitymetrics.com

+1 801-995-6431

SecurityMetrics Wins “Data Leak Detection Solution of the Year” in 2025 CyberSecurity Breakthrough Awards Program

Mindgard reveals 4 critical security flaws in the popular Cline Bot AI coding agent. Learn how prompt injection can hijack the tool for API key theft and remote code execution.

AI coding assistants are fast becoming standard options in software development. However, a recent security audit of Cline Bot, one of the most popular assistants, revealed four serious security issues, including three critical flaws, that could allow a clever attacker to steal private information or run malicious software on a developer’s computer.

This ground-breaking research was conducted by AI security specialist Mindgard and shared with Hackread.com. The audit began on August 22, 2025, and Mindgard found these problems within just two days (by August 24), highlighting major security gaps in tools that are common nowadays.

****Turning a Helper into a Hazard****

The Cline Bot assistant is very popular, with over 3.8 million installs and more than 1.1 million daily active users. AI coding assistants, as we know it, are meant to be helpful, like a “golden retriever,” as the researchers put it, “endlessly eager, wildly helpful, and perhaps a little too trusting.”

But that’s not entirely the case here, as Mindgard demonstrated how a tricky attacker could hide a prompt injection inside source code files. When a developer simply opens a malicious project and asks Cline Bot to analyse it, the AI can be tricked into carrying out dangerous actions. These four issues include:

1.  Theft of Secret Keys: The AI could be tricked into sending sensitive API keys and other private data to an attacker’s location.
2.  Unauthorised Code Execution: An attacker could force the AI to download and run malicious software on the developer’s computer without needing approval.
3.  Bypassing Safety Checks: Attackers could override the AI’s internal safety rules, making it execute commands it should have flagged as dangerous.
4.  Leakage of Model Information: An error message could reveal secret details about the underlying AI model being used.

****The Secret Instructions Leak****

A key part of Mindgard’s success was getting hold of the Cline Bot’s system prompt– a set of secret instructions that tells the AI how to behave and what rules to follow. While some security experts believe this information isn’t a major risk, Mindgard strongly disagrees.

“Disclosure of the system prompt itself does not present the real risk; the security risk lies with the underlying elements,” researchers stated in their technical blog post, as Mindgard’s experiment showed that knowing the exact wording of the prompt helps attackers find loopholes much more precisely.

Further probing revealed that by manipulating how the AI processes project files, attackers could force the tool to ignore its own safety checks. For instance, in one test against Cline’s newer Sonic model (released on August 20, 2025), the researchers showed they could get the AI to execute an unsafe command (like downloading and running malicious code) without ever asking the user for approval.

It is worth noting that all four vulnerabilities were promptly shared with the vendor, who has since worked to fix the issues, but did not respond to the researchers accordingly.

Cline Bot AI Agent Vulnerable to Data Theft and Code Execution

ANY.RUN shows how early clarity, automation and shared data help SOC teams cut delays and speed up response during heavy alert loads.

_Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings._

What slows your Security Operations Center (SOC) down when a critical alert hits? For many teams, it’s not the alert itself but the time lost searching for clarity, switching between tools, and trying to confirm what’s real and what’s noise.

Leading SOCs have already started adopting specific strategies that help them cut this delay, shorten response time, and keep control even during heavy alert loads. Let’s discover what these strategies are and how you can bring them into your workflow.

****Why Response Time Slows Down****

Most delays inside a SOC come from one simple problem: analysts don’t get the right information fast enough. When an alert arrives without context, the team has to dig for answers; check logs, compare sources, wait for results from separate tools. Minutes disappear before anyone can say whether the threat is serious or not.

This gap creates three predictable issues:

*   **Uncertain prioritisation:** Teams waste time on alerts that don’t matter.

*   **Slow confirmation:** Analysts spend too long verifying what the threat is actually doing.

*   **Longer MTTR:** The whole response chain stretches because early steps take too much time.

This is exactly where high-performing SOCs have changed their approach: they focus on cutting the “uncertainty window” at the very beginning of the process.

****Strategy 1: Get Clarity Early to Avoid Wasting Time****

One pattern stands out across fast, well-organised SOCs: they reduce uncertainty at the very beginning of an alert. Instead of waiting for scattered tools to catch up, many teams now rely on interactive sandboxes like ANY.RUN to see what the threat is actually doing within moments.

For most samples, analysts receive a clear verdict in about 60 seconds, and in many cases, the full attack chain becomes visible almost instantly. This cuts down the usual back-and-forth, removes guesswork, and lets the team decide on the next steps without delay.

Fake Google Careers page exposed inside ANY.RUN sandbox in 60 seconds

When clarity arrives this quickly, response time drops sharply, and the entire workflow moves with far more confidence and control.

****Strategy 2: Automate Early Steps to Speed Up Your Response Cycle****

A surprising amount of lost time inside a SOC comes from actions that don’t require analyst expertise at all; opening lures, clicking through fake pages, solving CAPTCHAs, following redirects, or coaxing a threat to finally reveal itself. These tiny steps slow down the very beginning of the response cycle, making it harder for teams to react quickly when it matters most.

Leading SOCs avoid this slowdown by automating the early phase of alert validation. ANY.RUN’s automated interactivity blends automation with human-like actions: it can follow QR-code chains, interact with fake login pages, trigger multi-stage loaders, and bypass common barriers that usually require manual effort. All of this happens automatically, within seconds.

CAPTCHA challenge automatically solved inside ANY.RUN sandbox

As a result, teams report up to a 20% decrease in Tier 1 workload and fewer unnecessary Tier 1-to-Tier 2 escalations, because routine checks no longer require human time. Analysts get to the important part of the investigation faster, and the whole response cycle moves noticeably quicker.

****Strategy 3: Strengthen Collaboration So Your Response Doesn’t Stall****

A SOC can move quickly only if everyone involved sees the same picture and works from the same information. When data is scattered, screenshots in chats, logs in tickets, partial notes in emails, the response slows down simply because teams spend too much time syncing.

Leading SOCs avoid this by giving analysts, engineers, and incident responders a shared workspace with consistent, ready-to-use data. ANY.RUN makes this simple: every analysis generates a structured report with timelines, IOCs, network details, and behavioural highlights, all in a format that can be shared instantly across teams and tools.

Well-structured report with relevant IOCs, TTPs and other important information

This removes the usual communication lag, cuts back on repeated checks, and ensures that everyone involved can act immediately without waiting for clarification. The result is faster coordination, cleaner handoffs, and a response process that keeps moving instead of stopping to gather missing details.

****Achieve the Response Speed Your SOC Needs****

As you can see, reaching ultra-fast response time is absolutely possible when teams combine the right strategies with solutions designed to remove delays from the very start of an alert. SOCs using ANY.RUN’s sandbox has already proven this through measurable, real-world results from our latest survey:

*   **Up to 21 minutes reduced MTTR** per incident
*   **95% of SOC teams speed up threat investigations**
*   **94% of users report faster triage**
*   **3× SOC efficiency boost**
*   **24× more unique IOCs** to power downstream detection
*   **Fewer false positives** and more accurate prioritisation

If you want to see how much faster your team can operate with the same advantages, there’s only one way to know: Try ANY.RUN and measure the difference yourself.

****Free Webinar: SOC Leader’s Playbook – 3 Steps to Faster MTTR****

For readers who want a deeper look at practical ways to speed up incident response, ANY.RUN is hosting a one-hour session titled “SOC Leader’s Playbook: 3 Steps to Faster MTTR.” It will take place on 25 November 2025 at 16:00 CET.

During the webinar, experts will cover how leading SOCs:

*   Cut MTTR by 21 minutes per incident
*   Detect new attacks earlier with intelligence from 15,000 organisations
*   Achieve a 3× performance boost by reducing false positives

Save your seat now to get a clear, structured playbook for speeding up detection and response.

How to Achieve Ultra-Fast Response Time in Your SOC

Singapore, Singapore, 19th November 2025, CyberNewsWire

**Singapore, Singapore, November 19th, 2025, CyberNewsWire**

The collaboration advances enterprise grade application security into decentralized ecosystems, uniting Checkmarx’s AppSec expertise with Web3 specialization by CredShields.

CredShields, a leading Web3 security firm, has partnered with Checkmarx, the global leader in agentic AI-powered application security testing, to work with AI-driven smart contract audits, vulnerability research, and blockchain security tooling from CredShields to work alongside the Checkmarx application security platform.

As the application security market accelerates toward an expected US $55 billion by 2029, decentralized architectures introduce new attack surfaces that traditional AppSec programs are not designed to address. Nearly half of the largest DeFi breaches trace back to smart contract flaws, and in 2025 to date, losses from cryptocurrency service hacks already surpass US $2.1 billion and are projected to climb further. Research further indicates that up to 89% of smart contracts contain vulnerabilities, highlighting the need for Web3-native security standards alongside legacy security frameworks.

Through this agreement, Checkmarx is adding CredShields as a Web3 security partner to provide customers with dedicated support for decentralized environments. The collaboration combines Checkmarx’s enterprise AppSec leadership with deep expertise in smart contract auditing, vulnerability assessment, and blockchain security research from CredShields, enabling organizations to extend their existing DevSecOps programs into Web3 with minimal friction.

> “This partnership represents a natural evolution in the AppSec landscape,” said **Shashank**, Co-founder of CredShields. “Together with Checkmarx, we’re delivering a seamless layer of security that protects enterprise systems, decentralized applications, and smart contracts with the same rigor and intelligence.”

**The partnership will focus on:**

*   Comprehensive security coverage for decentralized applications, smart contracts, and wallets
*   AI-assisted vulnerability detection and manual audits powered by CredShields’ proprietary systems
*   Joint contributions to global security frameworks, including OWASP Smart Contract Security Standards and Smart Contract Top 10
*   Enterprise enablement to integrate Web3 security into existing DevSecOps pipelines

> “As enterprises extend their digital footprint into Web3, new attack surfaces emerge,” said **Scott Sieper**, Director of Product Management at Checkmarx. “Partnering with CredShields enables us to bring our deep AppSec expertise to blockchain environments and help organizations innovate with confidence while maintaining the same rigorous security standards they expect from Checkmarx.”

Checkmarx and CredShields aim to redefine enterprise application security for the decentralized era, ensuring that innovation and security evolve in parallel as organizations adopt blockchain at scale.

For more information about securing code at the speed of AI and the Checkmarx One platform, users can visit the website.

**About CredShields**

CredShields is a Web3 security firm specializing in manual smart contract audits, AI-powered vulnerability detection, and security automation across blockchain ecosystems. A contributor to the OWASP Smart Contract Top 10, CredShields protects leading protocols and enterprises through full-spectrum decentralized security solutions.

Users can watch the demo: https://lnk.credshields.com/checkmarx-demo

**Contact**

**CredShields**  
**marketing@credshields.com**

CredShields Joins Forces with Checkmarx to Bring Smart Contract Security to Enterprise AppSec Programs

Cloudflare outage causes slow sites, login trouble and dashboard errors as users report problems even after the company says service is restored.

On the morning of November 18, 2025, web users around the world, including Hackread.com readers, began encountering error pages and inaccessible apps. The disruption originated with Cloudflare, Inc., a web-infrastructure company whose network handles an estimated 20% of global web traffic.

****What went wrong****

At about 6:40 a.m. ET (11:40 UTC), Cloudflare logged “internal service degradation” after an unusually large traffic event hit one of its services, causing elevated error rates across its network. The company’s **status page** listed “degraded performance” for core functions like Bot Management and Edge Network.

Later in the day, Cloudflare’s Chief Technology Officer, Dane Knecht, publicly addressed the disruption, stating: “I won’t mince words: earlier today we failed our customers and the broader Internet when a problem in @Cloudflare’s network impacted large amounts of traffic that rely on us.”

He clarified that the root cause was a **latent bug** triggered by a routine configuration change in a service underpinning Bot Mitigation. That bug then cascaded into broader traffic errors across the network. He stressed it was not an attack.

Cloudflare later confirmed that, “A fix has been implemented and we believe the incident is now resolved. We are continuing to monitor for errors to ensure all services are back to normal.”

****Who was affected****

Because Cloudflare serves as a content-delivery and security layer for a vast number of websites and platforms, the impact rippled widely:

*   Hackread.com, Canva, Uber, IKEA, Shopify, League of Legends, DoorDash, Discord, Patreon, Medium, Crunchyroll, GitLab, Udemy and many more.
*   Popular AI tools such as ChatGPT and other LLM services reported outages or high error rates.
*   Social-media platform X (formerly Twitter) experienced disruptions.
*   Other streaming or gaming services, large web-apps and corporate domains relying on Cloudflare’s network also reported errors.

Downdetector – a user-reported outage tracker – **showed** tens of thousands of reports at peak for affected services. However, the platform itself faced Clouflare-related issues.

Cloudflare is not a household brand in the way Apple or Google are, yet a major part of the internet’s functionality and security depends on it. When a service like this owns so much traffic, faults can escalate quickly from “one site down” to “large-scale service disruption.”

****Some Sites Still Facing Issues****

While Cloudflare’s CTO says the issue is resolved, users on X are **pointing out** that it is not fully back to normal. Many, including Hackread.com, are still dealing with slow loading, problems inside dashboards, redirects to a Cloudflare error window and trouble saving drafts or reaching the login page.

Some users also report that they cannot log in to Cloudflare or open the service properly on either computers or smartphones.

Nevertheless, it feels like the internet barely caught its breath from the last widespread disruption. Just a month ago, AWS went down and knocked countless services offline, as detailed in the **Hackread.com report**. Now Cloudflare is dealing with its own outage, turning this into the second major breakdown of core web infrastructure within a short span.

Cloudflare Outage Jolts the Internet – What Happened, and Who Was Hit

Austin, TX/USA, 18th November 2025, CyberNewsWire

**Austin, TX/USA, November 18th, 2025, CyberNewsWire**

**Forecast report highlights surge in identity-based threats, evolving threat actor tactics, and increased risk from AI and insider threats.**

SpyCloud, the leader in identity threat protection, today released its report, The Identity Security Reckoning: 2025 Lessons, 2026 Predictions, outlining 10 of the top trends that will shape the cyber threat landscape in the coming year. The predictions, based on observed and analyzed cybercrime activities from the past year and SpyCloud’s proprietary research and recaptured identity intelligence, shed light on the evolving tactics of cybercriminals and the identity-based threats security teams need to anticipate.

> “Identity misuse is threaded throughout nearly every trend outlined in the report, from malware-driven session hijacking to synthetic identities and exposed non-human credentials,” said Damon Fleury, SpyCloud’s Chief Product Officer. “As attackers exploit this expanding footprint, organizations will be forced to rethink how they detect, respond to, and prevent identity threats across their entire ecosystem.”

**SpyCloud’s Top 10 Identity-Driven Threats That Will Shape 2026:**

1.  **The cybercriminal supply chain continues to transform:** Malware-as-a-Service and Phishing-as-a-Service will remain core enablers of cybercrime, but 2026 will bring new “specialized roles” in the criminal economy that will make it easier for bad actors to operate at scale and with startup-like efficiency. These specialized roles include infrastructure providers, tool developers, access brokers, and even support services.
2.  **Threat actor communities will fragment, evolve, and get younger:** Law enforcement crackdowns and platform policy changes will continue pushing threat actors from darknet forums to mainstream apps. But perhaps more alarming is the influx of teen cybercriminals experimenting with plug-and-play attack kits for clout, profit, or curiosity. 2025 was also a big year for exposing Chinese cybercrime tactics, a trend expected to continue in 2026 alongside the rise of Latin America as a new hotbed for fraud and organized threat activity.
3.  **The non-human identity (NHI) explosion will fuel hidden risks:** Driven at least in part by the proliferation of AI tools and services, APIs, OAuth tokens, and service accounts, known as NHIs, are proliferating across cloud environments. These NHI’s often lack protections found more commonly in human-based credentials, like multi-factor authentication (MFA) and device fingerprinting. As these machine credentials quietly amass privileged access to critical systems, they create stealthy entry points for attackers and serious compliance gaps for enterprises.
4.  **Insider threats will be fueled by M&A, malware, and missteps:** In 2026, security teams will grapple with risks from compromised users, employment fraud from nation-state bad actors, and M&A activity that introduces inherited vulnerabilities and identity access sprawl. The “human element” will continue to be a weak point in proactive defense.
5.  **AI-enabled cybercrime has only just gotten started:** In 2026, AI will increasingly be used by bad actors to craft better malware, more believable phishing, and quickly triage vulnerable environments, increasing the overall risk to enterprises posed by this rapidly advancing technology
6.  **Attackers will find creative ways around MFA:** This year, SpyCloud found that 66% of malware infections bypassed endpoint protections. Expect to see more trending methods used to bypass MFA and other session defenses: residential proxies to spoof location authentication measures, anti-detect browsers to bypass device fingerprinting, Adversary-in-the-Middle (AitM) attacks used to phish credentials and steal valid cookies.
7.  **Vendors and contractors will test enterprise defenses:** Vendors and contractors continue to be a preferred attack vector to access enterprises. In 2026, organizations will need to treat third-party and contractor exposed identities with the same rigor as employee accounts – especially in tech, telecom, and software supply chains where threats are most acute and have a broader impact.
8.  **Synthetic identities will get smarter and harder to spot:** Criminals are assembling fake identities from real, stolen data and then enhancing them with AI-generated personas and deepfakes to defeat verification checks. With banks already flagging synthetic identity fraud as a top concern, expect this to become a front-page issue in 2026.
9.  **Distractions like combolists and “megabreaches” will obscure real threats:** Expect more viral headlines touting “billions of records leaked” even as many stem from recycled data found in combolists or infostealer logs – collections of already-exposed records repackaged by criminals to generate hype, fear, and clout. While older, unremediated data can still cause risk for organizations, these events often trigger widespread concern and divert attention away from more immediate, actionable threats.
10.  **Cybersecurity teams will restructure to tackle new threat realities:** As identity security becomes the common denominator across fraud, cyber, and risk workflows, teams will prioritize cross-functional collaboration, automation, and holistic identity intelligence to drive faster, more accurate decisions.

> “With the speed that technology moves, cybercrime evolves in lockstep and it’s equal parts fascinating to watch and challenging to keep up with,” said Trevor Hilligoss, SpyCloud’s Head of Security Research. “The commoditization and influence of the dark web will continue to complicate things, making 2026 another nonstop year for defenders. Understanding the TTPs of these cybercriminals and gaining insights into the data they find most valuable will help these defenders continue to stay one step ahead and positively impact these efforts in years to come. But you can be sure we’ll track these shifts in real time and enable our customers and partners to effectively combat identity misuse in all of its forms.”

To explore the full report and see how SpyCloud’s holistic identity threat protection solutions help security teams prevent identity-based attacks like ransomware, account takeover, and fraud, users can click here.

**About SpyCloud**

SpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics and AI to proactively prevent ransomware and account takeover, detect insider threats, safeguard employee and consumer identities, and accelerate cybercrime investigations. SpyCloud’s data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include seven of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now.

To learn more and see insights on your company’s exposed data, users can visit spycloud.com.

**Contact**

**Account Director**  
**Emily Brown**  
**REQ on behalf of SpyCloud**  
**\[email protected\]**

SpyCloud Unveils Top 10 Cybersecurity Predictions Poised to Disrupt Identity Security in 2026

Microsoft Azure halted a record 15.72 Tbps DDoS attack from the Aisuru botnet exposing risks created by exposed home devices exploited in large-scale cyber attacks.

On October 24, 2025, Microsoft Azure weathered the largest Distributed-Denial-of-Service (DDoS) attack ever recorded in the cloud. This massive digital assault, peaking at 15.72 Terabits per second (Tbps) and nearly 3.64 billion packets per second (pps), targeted a single endpoint in Australia.

Fortunately, according to Microsoft, its Azure global protection system automatically caught and filtered out the flood, keeping the customer’s services fully operational.

****The Growing Aisuru Threat****

The attack originated from the Aisuru botnet, which security firm Netscout calls a “Turbo Mirai-class” threat, which means the botnet can generate multi-TB/sec and -gpps direct-path DDoS attacks.

Aisuru, first spotted in August 2024, has since infected at least 700,000 IoT systems, such as home routers and security cameras. Its scale is stunning: besides the Microsoft incident, Aisuru was also linked to a huge 22.2 Tbps DDoS attack that Cloudflare mitigated in September 2025 and a 6.3 Tbps attack targeting investigative journalist Brian Krebs’s cybersecurity blogsite KrebsOnSecurity in May. Attacks of this magnitude were simply unheard of until recently.

Furthermore, it has been disruptive for US-based Internet Service Providers (ISPs) like AT&T, Comcast and Verizon. Attacks launched from infected customer devices have caused outbound traffic surges over 1.5 Tbps, which can be so extreme that they degrade service for other customers and even cause physical hardware failure in routers.

It’s worth noting that Aisuru’s operators, according to Netscout, restrict their targets, avoiding governmental, military, and law enforcement properties. This self-imposed rule is likely a way to stay under the radar and preserve the service’s criminal viability.

****The Botnet’s Lucrative New Business****

Cybercriminals behind the Aisuru botnet have moved past just offering simple DDoS-for-hire services for things like game servers, as it recently targeted Minecraft servers. They’ve updated their malware to focus on a more sustainable, hidden income stream: renting out the infected devices as ‘residential proxies.’

For your information, a residential proxy lets paying clients, often cybercriminals, hide their malicious activity by channelling it through a regular person’s home internet device. This makes the bad traffic look legitimate, which is much harder to block.

This shady business now heavily supports aggressive data harvesting for AI projects and content scraping. This activity is so widespread that on October 22, social media giant Reddit sued proxy providers, including Oxylabs, alleging they allowed mass-scraping of user data. Other botnets, like BADBOX 2.0, are adding to this growing problem.

The way these devices are infected sometimes involves Software Development Kits (SDKs), which refer to code bundled into other apps that silently turn a user’s device into a traffic relay, with their operators earning a commission.

The DDoS attack and spread of the Aisuru botnet go on to show that the poorly secured IoT devices in our homes are increasingly being turned into malicious tools, threatening not only the internet but even the unsuspecting users around the world.

Microsoft Azure Blocks 15.72 Tbps Aisuru Botnet DDoS Attack

Power vs Practicality in Crypto Automation

Crypto trading automation has transformed how traders approach the market. Instead of watching charts all day, they now rely on trading bots to handle entries, exits, and risk control. Among the top platforms, HaasOnline and Bitsgap take very different routes. 

Among the top AI trading platforms, HaasOnline and Bitsgap stand out but for very different reasons. HaasOnline is a powerhouse for professionals who love deep customisation and scripting. Bitsgap focuses on smart simplicity, a powerful AI trading solution that’s easy for anyone to use. 

Both platforms aim to simplify trading, but their methods couldn’t be more different. 

****Setup & Ease of Use** **

When it comes to getting started, Bitsgap is the clear winner in simplicity. There’s no software to download or configure; everything runs in the cloud. You sign up, connect your exchange API, and can start trading in just a few clicks. Even new users can launch a Bitsgap trading bot within minutes using ready-made templates. 

HaasOnline, by contrast, requires local installation. You must download the software, activate your license, and configure it on your own machine. For new traders, this setup can feel complex and time-consuming. While this extra control appeals to tech-savvy users, the steep learning curve can discourage beginners. 

****Trading Bots & Strategies** **

Both platforms provide a wide range of automation tools, but again, they serve different audiences. 

Bitsgap offers several ready-to-use bots designed for various market conditions: 

*   **DCA Bot** – ideal for dollar-cost averaging 

*   **GRID Bot** – great for sideways markets 

*   **COMBO Bot** – combines futures trading and grid logic 

*   **Smart Orders** – manage take-profit, stop-loss, and trailing functions in one place 

These bots require no coding and can be launched instantly with pre-built strategies. 

HaasOnline, meanwhile, takes a more advanced approach. It features HaasScript, a scripting language that lets you create your own algorithms from scratch. This flexibility is unmatched, but it also means more setup time and testing before you see results. 

So, if you’re a developer or a technically skilled trader, HaasOnline might feel like home. But for traders who want fast, effective automation without coding, Bitsgap’s pre-configured bots are far more practical. 

****Interface & User Experience** **

The difference in platform design is immediately clear. 

Bitsgap runs entirely in the cloud, giving users access from any device, desktop, tablet, or phone. The clean dashboard allows easy monitoring of open trades, performance stats, and portfolio value. You can pause, edit, or restart bots anytime without delay. 

HaasOnline relies on a local terminal, meaning you need to manage your own hardware and system resources. While this provides deep control, it limits flexibility when switching devices or trading on the go. 

Bitsgap’s interface is designed for traders who value transparency and smooth navigation. HaasOnline feels more like a developer’s workspace, powerful but less intuitive. 

****Backtesting & Analytics** **

Testing strategies before live trading is key to long-term success. Both services offer backtesting, but the experience is very different. 

With Bitsgap, users can backtest instantly using historical data directly from the dashboard. Results are displayed clearly, showing profit, drawdown, and trade count within seconds. It’s a visual, beginner-friendly process that helps users learn fast. 

HaasOnline also includes advanced backtesting and paper trading options, but the setup can be complex. You often need to configure parameters manually or write scripts to test specific logic. It’s powerful but not effortless. 

In short, HaasOnline offers depth, while Bitsgap delivers speed and clarity. 

****Security, Infrastructure & Support** **

Security is a top priority for any crypto trader. Bitsgap operates in the cloud with encrypted API connections, ensuring your funds remain on the exchange and are never stored by the platform. Its infrastructure guarantees over 99.9% uptime, with automatic updates and maintenance handled server-side. 

HaasOnline’s local hosting approach gives users complete control of their data but also adds responsibility: security depends on your own computer setup, network, and maintenance. 

When it comes to support and documentation, Bitsgap offers responsive live chat, email help, and an extensive knowledge base with tutorials and video guides. HaasOnline provides documentation and forums, but is more oriented toward developers. 

For most traders, Bitsgap’s managed cloud-based setup means fewer risks and less technical hassle. 

****Pricing Comparison** **

Here’s where philosophy meets price. 

Bitsgap uses a subscription model, allowing you to choose a monthly or annual plan with access to all major tools, support, and regular updates. A free trial is available, perfect for testing before committing. 

HaasOnline follows a license-based model. You pay for a license that unlocks specific features for a set period. It’s a fair system for professionals who know exactly what they need, but it can feel restrictive for casual users who just want to experiment. 

Both offer solid value, but Bitsgap’s flexible subscription and free trial make it more accessible to a wider audience. 

****Final Verdict: Choose Your Weapon** **

Both HaasOnline and Bitsgap deliver powerful trading automation, but they represent two very different philosophies. 

**Feature** 

**Bitsgap** 

**HaasOnline** 

**Setup** 

Instant, no installation 

Local setup required 

**Ease of Use** 

Beginner-friendly 

Advanced, steep learning curve 

**Bots** 

DCA, GRID, COMBO, Smart Orders 

HaasScript custom bots 

**Hosting** 

Cloud-based 

Local machine 

**Analytics** 

Built-in, visual 

Manual, script-driven 

**Support** 

Live chat, guides 

Forums and docs 

**Pricing** 

Subscription + Free Trial 

License-based 

If you want automation without the pain, Bitsgap is your go-to platform. It combines smart tools, simplicity, and reliability, perfect for anyone who wants to trade confidently without dealing with code or complex setups. HaasOnline remains a solid choice for users who crave full customisation, control, and don’t mind spending extra time tuning every detail. 

(Photo by fabio on Unsplash)

Bitsgap vs HaasOnline: Advanced Features vs Smart Simplicity 

Menlo Park, CA, November 17th, 2025, CyberNewsWire.

AccuKnox, a global leader in Zero Trust Cloud-Native Application Protection Platforms (CNAPP), today announced its partnership with Alice Blue India, a prominent brokerage and financial services firm, to strengthen its security and compliance frameworks across on-prem and cloud workloads.

The partnership was executed through channel partner Airowire. Leveraging AccuKnox’s security capabilities, Alice Blue aims to achieve enhanced visibility, automated compliance, and continuous protection within its infrastructure.

The customer’s Chief Information Security Officer (CISO), Navneethan, expressed strong confidence in the platform following a detailed proof-of-concept evaluation.

**Alice Blue’s Decision to Partner with AccuKnox**

Key differentiators include:

*   Agentless Zero Trust CNAPP architecture ensuring low operational overhead.
*   Rapid deployment with measurable visibility and compliance outcomes
*   Alignment with India’s key regulatory frameworks – RBI, SEBI, PCI-DSS, ISO, and SOC 2

“Financial institutions like Alice Blue require robust, scalable, and compliant security frameworks. AccuKnox’s Zero Trust CNAPP platform provides end-to-end protection from code to cognition, enabling Alice Blue to reduce risk, automate compliance, and focus on domain innovation,” said Rahul Jadhav, CTO at AccuKnox.

“At Alice Blue, securing our trading infrastructure and maintaining regulatory compliance are top priorities, said Navneethan, CISO, Alice Blue India. “Partnering with AccuKnox allows us to leverage world-class Zero Trust CNAPP capabilities while automating compliance across multi-cloud workloads, and this collaboration strengthens both our internal security posture and the services we deliver to our customers._“_

“We are thrilled to support Alice Blue India in deploying AccuKnox’s Zero Trust CNAPP platform. This partnership demonstrates how channel collaboration can accelerate security adoption in regulated industries, delivering measurable outcomes in compliance, visibility, and threat protection,” said Hemath Raj, Account Manager, Airowire Networks.

****About Airowire****

Airowire Networks is a network and cybersecurity solutions provider specializing in infrastructure modernization, cloud security, and managed detection services. With a strong regional presence and a focus on delivering secure digital transformation.

****About Alice Blue****

Alice Blue is a leading brokerage and financial services company offering advanced trading platforms, real-time analytics, and customer-centric solutions. With a strong commitment to innovation and regulatory compliance.

****About AccuKnox****

AccuKnox is a Zero Trust CNAPP platform that delivers runtime protection, agentless risk assessment, and comprehensive visibility across cloud, container, and AI workloads. A core contributor to CNCF open-source projects KubeArmor and ModelArmor.

****Contact****

PMM  
Syed Hadi  
AccuKnox  
\[email protected\].

Source

HackRead