Topic: enterprise security
-
Securing Identity in the Age of AI Agents
Traditional security frameworks are inadequate for governing autonomous AI agents, which operate outside conventional perimeters and make independent decisions across multiple platforms. Key risks include shadow agents that bypass formal procedures, privilege escalation enabling unauthorized admi...
Read More » -
Avalara Launches Avi: AI-Powered Compliance Agents with Human Oversight
Avalara has launched Avi, an AI-powered compliance platform that automates tax and regulatory tasks while integrating essential human oversight at key checkpoints. The system coordinates specialized AI agents for functions like tax filing, exemption validation, and cross-border trade, all operati...
Read More » -
TeKnowledge Launches AI-Ready Security Suite for Cyber Resilience
TeKnowledge has launched an AI-Ready Security Suite, a managed service to help large enterprises securely manage the risks associated with rapid generative AI adoption, such as prompt injection and data leakage. The suite is built on a three-pillar framework—Assess, Implement, and Optimize—that p...
Read More » -
Chrome Extension Backdoor Disguised as Fake Crash Alerts
The malicious "NexShield" browser extension, a copy of a legitimate ad blocker, uses social engineering to trick users into running a harmful PowerShell command, deploying a remote access trojan that specifically targets corporate domain-joined computers. A separate, coordinated campaign involved...
Read More » -
Tycoon 2FA Phishing Platform Exposes Legacy MFA Flaws
The Tycoon 2FA phishing kit enables attackers to easily bypass multi-factor authentication by using automated tools and fake login portals, primarily targeting Microsoft 365 and Gmail credentials. It intercepts user credentials and session cookies in real-time while mimicking legitimate login exp...
Read More » -
3 Browser Sandbox Threats That Evade Security Tools
Browsers are the primary target for cyberattacks but are often neglected in security frameworks, as they handle critical tasks yet prioritize performance over advanced threat protection. Key browser threats include credential theft, malicious extensions, and lateral movement, which exploit standa...
Read More » -
Citrix Unveils Quantum-Ready Tools for Remote Work
Citrix introduces quantum-resistant encryption (PQC) for NetScaler, combining X25519 and ML-KEM768 to protect against future quantum computing threats while maintaining browser compatibility. The company launches Citrix Virtual Apps and Desktops (CVAD) 2507 LTSR, offering 400+ enhancements, inclu...
Read More » -
Cayosoft Guardian SaaS: Always-On Hybrid Identity Protection
Cayosoft Guardian is now available as a SaaS model, launching in Q1 2026, offering zero downtime and no maintenance for continuous identity protection and rapid recovery during attacks. The platform enhances hybrid Microsoft identity security by moving to the cloud, ensuring businesses can mainta...
Read More » -
Futurex & Spire Solutions Bring Enterprise Encryption to Middle East & Africa
Futurex and Spire Solutions have formed a strategic alliance to enhance the availability of advanced data protection services in the Middle East and Africa, combining Futurex's encryption technologies with Spire's regional expertise. The partnership addresses the growing demand for cybersecurity ...
Read More » -
Gartner Urges Temporary Halt to AI Browser Features
Gartner advises businesses to temporarily block AI-powered browsers due to significant security risks, like data loss and exploitation, that currently outweigh their productivity benefits. Key threats include indirect prompt injection attacks, credential theft from phishing, and costly erroneous ...
Read More » -
The Looming Threat of Malicious AI Agents
Businesses are rapidly adopting AI agents but lack proper security measures, particularly in identity management, creating risks as these non-human workers operate without adequate tracking of their credentials and actions. The core security challenge is that AI agents require access to sensitive...
Read More » -
React, Node.js Flaws Fixed, Ransomware Exposes Spy Threat
A critical vulnerability in React Server Components and high-severity Android flaws were patched, urging immediate updates due to potential exploitation. Law enforcement disrupted a major cryptocurrency laundering service, while a ransomware attack exposed a hidden, long-term espionage operation ...
Read More » -
Stop Malicious PowerShell with New ExtraHop Security Tools
ExtraHop has introduced new security enhancements to detect and neutralize malicious PowerShell activity, which attackers use to operate stealthily within networks by blending in with normal administrative tasks. The platform integrates detection mechanisms that identify specific malicious behavi...
Read More » -
Secure AI Operations with Akeyless AI Agent Identity
Businesses face urgent security challenges from autonomous AI agents, with Akeyless launching a comprehensive AI Agent Identity Security solution to address vulnerabilities from AI-driven identities. AI agents possess inherent design flaws, such as maintaining awareness of their credentials, whic...
Read More » -
The Future is Passkeys: Say Goodbye to Passwords
Passkeys are emerging as a more secure and user-friendly alternative to traditional passwords, simplifying access to online services while enhancing security. A hybrid environment of passwords and passkeys is expected to persist for years as businesses gradually update systems, with consumer adop...
Read More » -
Bedrock Data Adds AI Governance and Natural-Language Policy Tools
Bedrock Data has launched ArgusAI for AI governance and Natural Language Policy to help businesses manage AI-related risks and compliance by securing sensitive information. ArgusAI provides deep visibility into AI data interactions and evaluates safeguards to prevent data leakage, while Natural L...
Read More » -
Netpoleon, Vectra AI Strengthen ANZ Cybersecurity Alliance
Netpoleon and Vectra AI have expanded their strategic alliance to deliver advanced AI-driven Network Detection and Response solutions across Australia and New Zealand, enhancing cybersecurity capabilities for enterprise clients and government agencies. Vectra AI has been recognized as a Leader in...
Read More » -
Zscaler Boosts AI Security with Enhanced Visibility and Control
Businesses are rapidly adopting AI, but this creates new security vulnerabilities as traditional cybersecurity tools fail to protect AI systems' unique traffic and protocols. A major challenge is "shadow AI," where companies lack a complete inventory of their AI assets, creating blind spots that ...
Read More » -
Urgent Microsoft Update: Patch Windows 10, 11, Server Now
Microsoft has urgently patched a zero-day vulnerability (CVE-2025-62215) in the Windows Kernel, which is already being actively exploited to gain system-level privileges. The flaw involves improper synchronization in concurrent execution, allowing attackers to escalate privileges after initial ac...
Read More » -
MajorKey IDProof+: Your Defense Against AI Fraud
MajorKey Technologies launched IDProof+, an identity verification platform developed with authID to combat AI-powered fraud using advanced biometrics and rapid processing. The platform integrates with Microsoft Entra and performs real-time biometric validation in about 700 milliseconds, preventin...
Read More » -
Dataminr Acquires ThreatConnect for $290M to Boost AI Cyber Defense
Dataminr has acquired ThreatConnect for $290 million to merge their technologies into a unified, AI-driven defense platform that provides real-time, personalized insights for clients. The integration will combine Dataminr's public data analysis with ThreatConnect's internal intelligence managemen...
Read More » -
Commvault's New AI Makes Backup and Recovery Conversational
Commvault introduces conversational AI technology that enables businesses to manage data protection tasks using natural language commands through integration with enterprise AI assistants. The system is secured by the Model Context Protocol (MCP) server, which ensures interactions comply with org...
Read More » -
Google's AI Ransomware Defense Has Critical Limits
Google has introduced an AI-powered defense for its Drive desktop application that detects ransomware behavior in real-time and stops cloud synchronization to prevent widespread infection. This feature acts as a supplementary security layer, using an AI model trained on millions of ransomware-enc...
Read More » -
Urgent Patch: Critical Passwordstate Vulnerability Exposed
A critical security update is required for Passwordstate to address a high-severity vulnerability that allows attackers to bypass authentication and gain administrative control. The flaw involves a manipulated URL targeting the emergency access page, enabling unauthorized access to the administra...
Read More » -
Data Zoo and Ping Identity Unite to Secure Global Verification
Data Zoo and Ping Identity have partnered to integrate Data Zoo's global data into the PingOne Verify platform, enabling faster and more secure international identity verification without compromising user experience. This collaboration enhances digital trust by providing Ping Identity customers ...
Read More » -
OpenID Foundation's Plan to Tame Dangerous AI Agents
The rapid adoption of AI agents introduces significant security vulnerabilities, as they can bypass traditional digital security barriers, necessitating new, open identity and access management standards to prevent unauthorized access to sensitive data and processes. AI agents, enabled by technol...
Read More » -
AI SSD Subscription Fights Ransomware at Hardware Level
Flexxon has launched the X-Phy Guard Solution, an AI-integrated SSD designed as a final defense against cyberattacks like ransomware, targeting high-security sectors with a subscription starting at $249 annually. The drive's AI engine monitors for threats such as encryption patterns and physical ...
Read More » -
Google AI Detects Malware That Morphs During Attacks
Google has identified a new generation of AI-powered malware that rewrites its own code during attacks, making it more resilient and harder to detect by dynamically altering behavior and evading security systems. Several malware families, such as FRUITSHELL, PROMPTFLUX, and PROMPTLOCK, are active...
Read More » -
HP's PC-in-a-Keyboard: A Hot-Desking Solution for Businesses
HP has introduced the EliteBoard G1a, a full Windows computer built into a keyboard, designed for high portability by connecting to any monitor via USB-C. The device features modern AMD Ryzen AI processors, qualifies as a Copilot+ PC for offline AI features, and is aimed at enterprise use with se...
Read More » -
Cisco Customers Vulnerable to New Chinese Hacking Campaign
A Chinese state-sponsored hacking campaign is exploiting a critical zero-day vulnerability (CVE-2025-20393) in Cisco's Secure Email Gateway and Web Manager software, primarily targeting systems in India, Thailand, and the United States. The attack surface is limited to hundreds of systems, as exp...
Read More » -
Microsoft Fortifies Entra ID Against Script Injection Attacks
Microsoft is enhancing Entra ID security in October 2026 by restricting script downloads to trusted Microsoft domains and allowing inline scripts only from verified sources during sign-ins. This update protects users from threats like cross-site scripting by blocking unauthorized scripts, with th...
Read More » -
Kanister: Simplify Data Protection with Open-Source Workflows
Kanister is an open-source tool that simplifies Kubernetes data management through reusable blueprints, offering flexibility across diverse storage systems. It features native Kubernetes integration, storage-agnostic functionality, and execution flexibility for backup, restore, and migration oper...
Read More » -
CrowdStrike & Meta Simplify AI Security Tool Evaluation
CrowdStrike and Meta have launched CyberSOCEval, an open-source benchmarking suite to evaluate large language models' effectiveness in critical security tasks. The framework tests LLMs in incident response, threat analysis, and malware detection to help organizations identify genuinely effective ...
Read More » -
Critical Veeam Flaws Let Hackers Execute Code on Backup Servers
Veeam has released a critical security patch for its Backup & Replication software to address a high-severity remote code execution vulnerability (CVE-2025-59470) that requires privileged account access. The update fixes two additional vulnerabilities, including one allowing remote code execution...
Read More » -
Tenable Uncovers Critical Google Gemini AI Flaws That Risked User Data
Tenable Research uncovered three critical security flaws in Google's Gemini AI, known as the Gemini Trifecta, which allowed attackers to manipulate the AI and steal sensitive user data without direct system access. The vulnerabilities affected components like Gemini Cloud Assist, Search Personali...
Read More » -
Sharjah Digital Dept. Honored for AI Government Excellence
The Sharjah Digital Department (SDD) received a prestigious award at GITEX Global 2025 for its innovative use of artificial intelligence and digital governance, recognized for enhancing service delivery and residents' quality of life. SDD's AI initiatives have streamlined government operations, i...
Read More » -
Google Drive now blocks ransomware with AI
Google has introduced a new AI-powered feature in Google Drive for desktop that detects ransomware attacks and helps users recover compromised files with minimal effort. The tool automatically halts file synchronization upon detecting suspicious activity, preventing data encryption and allowing q...
Read More » -
Critical JumpCloud Windows Agent Flaw Allows Local Privilege Escalation
A critical security flaw (CVE-2025-34352) in JumpCloud's Remote Assist for Windows agent allows local users to escalate privileges to SYSTEM level or cause denial-of-service attacks by exploiting insecure file handling during uninstallation. The vulnerability stems from the agent's uninstaller pe...
Read More » -
AI Agents on Your Team: The Unseen Security Risks
AI agents are evolving into autonomous systems that perform complex tasks like incident resolution and system management, introducing significant security challenges alongside efficiency gains. These autonomous agents differ from traditional tools by reasoning, adapting strategies, and accessing ...
Read More » -
UiPath Partners with OpenAI to Automate Workflows
UiPath and OpenAI have partnered to integrate advanced AI models into enterprise workflows, aiming to accelerate the return on investment from agentic AI initiatives by simplifying development and deployment. The collaboration includes the introduction of a performance benchmark for computer-use ...
Read More » -
Microsoft Tests Windows 365 Cloud Disaster Recovery PCs
Microsoft introduced Windows 365 Reserve, a cloud-based disaster recovery solution that provides temporary virtual desktops for up to 10 days per user during hardware or cyber incidents, ensuring business continuity. The service, currently in limited public preview, allows seamless ac...
Read More » -
Fortanix PQC Central Enhances Post-Quantum Security
Fortanix launched PQC Central, a tool within its Key Insight platform to simplify post-quantum cryptography (PQC) adoption for enterprises, addressing urgent quantum computing threats to traditional encryption. The platform offers four key functions: automated discovery of cryptographic d...
Read More » -
New ChatGPT Data Breach Exposes AI's Vicious Cycle
AI safety often relies on reactive patches for specific exploits, rather than addressing underlying systemic vulnerabilities, creating a cycle of temporary fixes. The "ZombieAgent" exploit against ChatGPT demonstrated a severe flaw, covertly extracting private data from servers and persisting acr...
Read More » -
Ring's Mobile Security Trailer: 360-Degree Protection On the Go
Ring is launching a new series of high-definition security cameras, including a 360-degree panoramic model, and a portable, solar-powered Mobile Security Trailer for flexible property monitoring. The company is expanding its ecosystem with upcoming products like a Ring Car Alarm and smart sensors...
Read More » -
Stack Overflow Pivots to Become an AI Data Provider
Stack Overflow is pivoting from a public developer community to an enterprise AI data provider, focusing on its Stack Overflow Internal product to structure its knowledge for corporate AI agents. The platform now includes a reliability score for answers and rich metadata, enabling AI systems to a...
Read More » -
Forescout eyeSentry: Continuous Cloud Exposure Management
Forescout launched eyeSentry, a cloud-native platform that helps enterprises identify and manage vulnerabilities across IT, IoT, and IoMT assets, addressing the limitations of traditional security measures in modern networks. A study by Forescout reveals that 65% of connected assets in organizati...
Read More » -
UiPath and Snowflake Partner to Unite Automation and AI
UiPath and Snowflake have formed a partnership to combine their AI and automation technologies, enabling businesses to quickly turn complex data into actionable insights and operational improvements. The integration enhances UiPath Maestro by allowing it to orchestrate a wider range of agents, in...
Read More » -
Motorola Solutions Named #1 Best Workplace for Innovators by Fast Company
Motorola Solutions is named Fast Company's top Best Workplace for Innovators for its purpose-built AI that helps safety professionals automate tasks and respond to threats more effectively. The company's AI assistant, Assist, supports 911 dispatchers by managing critical information during emerge...
Read More » -
OpenAI's Voice AI Strategy: Expressive Speech for Enterprise Edge
OpenAI has launched gpt-realtime, a voice AI model for enterprises that delivers expressive, natural speech and follows complex instructions, targeting applications like customer support and real-time translation. The model operates on a speech-to-speech framework, enabling real-time vocal respon...
Read More » -
ownCloud Urges MFA Activation Following Credential Theft
ownCloud is urging all users to immediately enable multi-factor authentication (MFA) to block unauthorized access, even if login credentials are stolen. The company clarified its platform was not hacked; attackers instead used credentials stolen by malware from employee devices to access accounts...
Read More »