Enterprise Security Tech

OpenAI has disclosed that attackers tied to the ongoing TanStack npm supply chain compromise gained access to internal credentials after breaching two employee devices, underscoring how deeply modern software attacks can penetrate development environments without ever touching production systems. The company said the intrusion was part of the broader “Mini Shai-Hulud” campaign, a fast-moving operation targeting npm ecosystems, CI/CD pipelines, and developer tooling. While Ope

A new 2026 industry report from Integris reveals a widening gap between how law firms view technology and how their clients judge it, with cybersecurity failures, uneven AI adoption, and weak strategic planning emerging as key risks to both trust and revenue. The findings, based on surveys of more than 400 law firm decision makers and 600 clients, show that technology is no longer a back-office function. It is now a core part of how legal services are delivered and evaluated.

A new phase in software supply chain attacks is unfolding across the JavaScript ecosystem, as publicly released worm code fuels a surge of low-effort but highly effective malicious packages on npm. Security researchers warn that what began as a proof of concept has quickly evolved into a scalable attack model that favors speed over sophistication. The shift follows the public release of the Shai-Hulud worm source code, which has enabled copycat attackers to rapidly deploy var

This guest article was contributed by Aviral Verma, Head of Research, Securin Ransomware remains one of the most dangerous cyber threats in 2026. Not because it’s new, but because it’s faster, more scalable and increasingly powered by AI. Attackers are using AI to automate malware, refine phishing and chain exploits with unprecedented efficiency, while defenders rely on it to improve detection and response. Securin’s latest Ransomware Index Report shows that in 2025, ransom

The recent incident involving Stryker highlights a critical shift in mobile security risk, where legitimate tools like remote wipe can be turned against organizations. We sat down with Hypori CFO Jerry Raphael to learn why the breach exposes deeper architectural flaws rather than just gaps in controls. The recent Stryker attack demonstrates the continuing challenges with mobile device security and remote wipe risk. Can you put those risk into greater context? Sure. I fly int

A high-profile cyberattack targeting one of the world’s most widely used education platforms has escalated into a multi-stage extortion campaign, raising fresh concerns about SaaS security, identity risk, and third-party dependencies across higher education. The hacking collective ShinyHunters claims it breached systems tied to Instructure, the company behind Canvas LMS, not once but twice in recent weeks. The timing has amplified the impact. Both incidents coincided with fin