enterprise
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)
A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a …
As AI agents start making purchases, security teams must rethink risk
In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic …
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)
A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized …
AI went from assistant to autonomous actor and security never caught up
Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core …
Industrial networks continue to leak onto the internet
Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto …
Cyber valuations climb as capital concentrates, AI security expands
Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total …
Enterprises are racing to secure agentic AI deployments
AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can …
Attackers keep finding the same gaps in security programs
Attackers keep getting in, often through the same predictable weak spots: identity systems, third-party access, and poorly secured perimeter devices. A new threat report from …
China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since …
Scammers exploit trust in Atlassian Jira to target organizations
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late …
Everyone uses open source, but patching still moves too slowly
Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category …
OT teams are losing the time advantage against industrial threat actors
In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from …