enterprise
eScan AV users targeted with malicious updates
The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a …
Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise …
RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)
Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the …
Fake browser crash alerts turn Chrome extension into enterprise backdoor
Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. …
Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)
Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the …
The next big IT security battle is all about privileged access
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in 2026 driven by new realities of cybersecurity, hybridization, AI, …
Microsoft 365 users targeted in device code phishing attacks
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method …
Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November …
Enterprise password audits made practical for busy security teams
Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more …
CISOs are cracking under pressure
Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and …
A new way to think about zero trust for workloads
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for …
Passwordless adoption moves from hype to habit
With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, …
Featured news
Resources
Don't miss
- LinkedIn-themed phishing abuses Adobe’s A/B testing platform
- The behavioral signals that sharpen Trojan malware detection
- Zapier exploit chain shows how known anti-patterns compose into critical risk
- The CISO selling confidence in a market full of breach headlines
- Frontier AI models collapse under multi-turn AI attacks, Cisco finds