GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies into hiring North Koreans.

Insurers are rewarding organizations that use AI to strengthen their defenses, while growing more cautious with those whose AI use introduces new risks.

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.

Lacking formal AI risk frameworks allows shadow AI to proliferate unchecked, but a structured approach to governance can prevent dangerous blind spots.

The update introduces a unified operations layer designed to aggregate risk signals across cloud environments and help CISOs manage threats through a single security platform.

As identity environments grow more complex, access failures increasingly stem from decisions made without sufficient context ...

Zero trust works well in enterprise IT. In IoT and OT environments, its assumptions quietly fail. And failure often occurs in ways defenders don’t see until after an incident.

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.

In 2025, hackers stopped using muskets and started using AI machine guns. If your defense strategy still relies on manual human response, you're already a casualty.

The latest example is detailed by researchers at Aryaka, who this week described a campaign by an unnamed threat actor who is distributing resumés containing a malicious ISO file to HR departments. It ...

We’re running million-dollar production lines on ancient software because no one wants to risk a shutdown, but ignoring that "time bomb" is becoming way too risky.

Salesforce warns that a threat campaign is exploiting overly permissive Experience Cloud guest configurations to harvest data from public portals. Salesforce is urging its customers to review their ...