Enterprise Security Tech

Google’s Threat Intelligence Group (GTIG) is warning that artificial intelligence is no longer just a tool for defenders — it’s becoming an active accomplice in cybercrime. In its latest report, the company outlines a new class of malware that uses large language models (LLMs) not just to assist development, but to rewrite itself dynamically during execution. From Static Code to “Thinking” Malware GTIG calls this technique “just-in-time self-modification.”  It enables malicio

Apple just dropped one of its largest security updates in years — and while the company insists no vulnerabilities are under active attack, the scale of the release tells a different story about the growing complexity of its ecosystem. Across its major platforms, Apple patched an eye-popping 105 vulnerabilities in macOS 26.1 , 56 in iOS and iPadOS 26.1 , 43 in visionOS , 32 in watchOS , and 21 in Safari , along with two in Xcode. The cumulative list reads like a blueprint of

When dozens of alumni and students at the University of Pennsylvania (Penn) opened their inboxes on Friday, they encountered more than a phishing lure—what appeared was a full-on reputation-assault, wrapped in the university’s own branding. What began as a shocking email blast is now being treated by Penn’s leadership as a serious cybersecurity incident. According to Reuters, the university has engaged the Federal Bureau of Investigation (FBI) and third-party cyber forensics,

Qilin’s Explosive Reign and What It Means for Critical Infrastructure Ten months into 2025, the ransomware group Qilin  has hit a grim milestone: its 700th claimed victim . That makes it the most prolific ransomware outfit of the year—eclipsing last year’s leader, RansomHub, which logged 547 total victims in 2024. Once a fringe player in the cybercrime underground, Qilin now dominates the ransomware-as-a-service (RaaS) market, turning data extortion into an industrialized bus

Password reuse just became a lot more dangerous. In what may be one of the largest credential-harvesting operations ever documented, threat actors have compiled 3.5 terabytes of stolen login data—now labeled the “Synthient Stealer Log Threat Data”—and it’s been added to Have I Been Pwned  (HIBP). The dataset includes 183 million unique email addresses, each paired with the passwords and websites where they were stolen. For the average person juggling dozens of logins across a

When high-profile campaigns by groups like LAPSUS$ and Scattered Spider make headlines, they often leave the strong impression of technical wizardry: zero-days, clever malware, intricate breaches. But according to research from Flashpoint , that narrative misses the more profound evolution underway. Gone are the days when data extortion simply meant bulk-stealing databases: the playbook has matured to target the single most vulnerable link in modern enterprise security— human