Enterprise Security Tech

By all appearances, DNS has remained one of the most quietly critical layers of the internet. It routes traffic, connects users to applications, and underpins nearly every digital interaction. Yet a growing body of research suggests it may also be one of the most under-protected attack surfaces in enterprise cybersecurity. A new report from CSC , The ROI of DNS: A Guide to Risk Reduction and Smart Investment , argues that organizations are still treating DNS security as a tec

A new shift is emerging in how security teams interact with threat data. Instead of logging into complex dashboards, organizations may soon manage cybersecurity operations directly inside AI tools like ChatGPT and Claude. Coro , a cybersecurity platform focused on small and midsize businesses and lean IT teams, has introduced new Model Context Protocol capabilities designed to embed security workflows into everyday AI environments. The move reflects a broader transition towar

A newly disclosed vulnerability in OpenAI’s Codex environment is forcing a broader reckoning across the software industry, as researchers demonstrate how AI-powered coding tools can become high-value targets for credential theft and lateral movement inside developer ecosystems. Security researchers at BeyondTrust Phantom Labs uncovered a command injection flaw that allowed attackers to extract GitHub OAuth tokens directly from Codex execution environments. The issue, now pat

A critical vulnerability in Citrix NetScaler appliances is rapidly escalating from early reconnaissance into active exploitation, according to multiple security researchers tracking activity in the wild. The flaw, tracked as CVE-2026-3055, exposes enterprise systems to sensitive data leakage and is already drawing attention from threat actors probing internet-facing infrastructure. Security researchers at Defused Cyber and watchTowr report that attackers initially began by

Google has redrawn one of the most important timelines in cybersecurity. The company now says it aims to be ready for “Q Day” by 2029, a milestone when quantum computers could break the cryptographic systems that underpin global digital trust. That shift compresses what many in the industry expected to be a longer runway. It also signals a sharper sense of urgency around post-quantum cryptography, or PQC, as governments, cloud providers, and software vendors race to secure d

A sophisticated compromise of the widely used Axios JavaScript library has reignited concerns about the fragility of the open-source software supply chain, with security researchers warning that traditional defenses are no longer enough to protect modern development environments. The incident, which involved the hijacking of Axios’ npm distribution, allowed attackers to deliver remote access trojans across Windows, macOS, and Linux systems during a narrow but impactful expos