Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies into hiring North Koreans.

Insurers are rewarding organizations that use AI to strengthen their defenses, while growing more cautious with those whose AI use introduces new risks.

A major cyberattack on US medical supplies giant Stryker has resulted in thousands of devices being remotely wiped, after a pro-Iranian hacking group may have compromised the company’s Microsoft ...

The attack is described as not ‘smash-and-grab ransomware’, but ‘strategic, disciplined, and optimized for maximum leverage.’ ...

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.

Lacking formal AI risk frameworks allows shadow AI to proliferate unchecked, but a structured approach to governance can prevent dangerous blind spots.

The update introduces a unified operations layer designed to aggregate risk signals across cloud environments and help CISOs manage threats through a single security platform.

In 2025, hackers stopped using muskets and started using AI machine guns. If your defense strategy still relies on manual human response, you're already a casualty.

Zero trust works well in enterprise IT. In IoT and OT environments, its assumptions quietly fail. And failure often occurs in ways defenders don’t see until after an incident.

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.