Enterprise Security Tech

A coalition of the world’s largest technology companies is betting that artificial intelligence can tip the balance in cybersecurity before attackers fully weaponize it. Anthropic this week unveiled Project Glasswing , a coordinated effort with industry heavyweights including Amazon, Apple, Microsoft, Cisco, CrowdStrike, Broadcom, Palo Alto Networks, and the Linux Foundation. The initiative centers on a new AI system called Claude Mythos Preview, a model designed to uncover d

Federal cybersecurity agencies are warning that Iran-affiliated hackers are actively exploiting weaknesses in the industrial control systems that underpin America’s water and energy infrastructure, signaling a renewed focus on operational disruption rather than simple espionage. In a joint advisory released , a coalition that includes the Cybersecurity and Infrastructure Security Agency, National Security Agency, Federal Bureau of Investigation, U.S. Cyber Command, Department

A newly disclosed vulnerability in OpenAI’s Codex environment is forcing a broader reckoning across the software industry, as researchers demonstrate how AI-powered coding tools can become high-value targets for credential theft and lateral movement inside developer ecosystems. Security researchers at BeyondTrust Phantom Labs uncovered a command injection flaw that allowed attackers to extract GitHub OAuth tokens directly from Codex execution environments. The issue, now pat

A critical vulnerability in Citrix NetScaler appliances is rapidly escalating from early reconnaissance into active exploitation, according to multiple security researchers tracking activity in the wild. The flaw, tracked as CVE-2026-3055, exposes enterprise systems to sensitive data leakage and is already drawing attention from threat actors probing internet-facing infrastructure. Security researchers at Defused Cyber and watchTowr report that attackers initially began by

Google has redrawn one of the most important timelines in cybersecurity. The company now says it aims to be ready for “Q Day” by 2029, a milestone when quantum computers could break the cryptographic systems that underpin global digital trust. That shift compresses what many in the industry expected to be a longer runway. It also signals a sharper sense of urgency around post-quantum cryptography, or PQC, as governments, cloud providers, and software vendors race to secure d

A sophisticated compromise of the widely used Axios JavaScript library has reignited concerns about the fragility of the open-source software supply chain, with security researchers warning that traditional defenses are no longer enough to protect modern development environments. The incident, which involved the hijacking of Axios’ npm distribution, allowed attackers to deliver remote access trojans across Windows, macOS, and Linux systems during a narrow but impactful expos