Enterprise Security Tech

A sophisticated compromise of the widely used Axios JavaScript library has reignited concerns about the fragility of the open-source software supply chain, with security researchers warning that traditional defenses are no longer enough to protect modern development environments. The incident, which involved the hijacking of Axios’ npm distribution, allowed attackers to deliver remote access trojans across Windows, macOS, and Linux systems during a narrow but impactful expos

U.S. federal authorities are raising alarms about a surge in state-linked cyber activity targeting widely used messaging platforms, signaling a shift in how nation-state actors bypass encryption by exploiting users instead of software vulnerabilities. In two coordinated advisories , the FBI detailed separate campaigns tied to Russian intelligence services and Iran’s Ministry of Intelligence and Security. Both operations rely heavily on social engineering and the abuse of trus

As governments and enterprises race to prepare for the arrival of quantum computing threats, cybersecurity vendor pQCee has introduced a new cryptographic platform designed to help organizations transition faster to post-quantum standards without overhauling their infrastructure. The company announced the release of its Cryptographic Next Generation (CNG) provider for Microsoft Windows, a move aimed at embedding quantum-safe cryptography directly into one of the world’s most

A widely used open source security tool at the center of modern software pipelines has been compromised again, raising new concerns about how attackers are targeting the software supply chain to access sensitive developer infrastructure. Trivy , the vulnerability scanner maintained by Aqua Security, was recently exploited to distribute malware through its official GitHub Actions integrations. The incident marks the second breach involving the project in less than a month, sig

A new cyber threat landscape is emerging alongside escalating geopolitical tensions in the Middle East, with security researchers warning that the region’s instability is increasingly mirrored in cyberspace. A recent update from NCC Group highlights a growing convergence between physical conflict and coordinated cyber activity, signaling a shift toward more persistent and strategically aligned digital operations. The report points to a steady rise in cyber campaigns linked t

This guest article was contributed by Alastair Parr, CTO of Spur A growing share of the traffic security teams evaluate each day comes from residential proxies that pool IP addresses from consumer ISPs and mobile devices. Most people don’t realize they’ve opted into a residential proxy, and most organizations lack the context to fully understand how often this traffic reaches them. Residential proxies make it difficult to distinguish legitimate traffic from malicious activity