Enterprise Security Tech

When high-profile campaigns by groups like LAPSUS$ and Scattered Spider make headlines, they often leave the strong impression of technical wizardry: zero-days, clever malware, intricate breaches. But according to research from Flashpoint , that narrative misses the more profound evolution underway. Gone are the days when data extortion simply meant bulk-stealing databases: the playbook has matured to target the single most vulnerable link in modern enterprise security— human

In what many in the cybersecurity world feared might happen, the global ransomware threat has begun to rev back into gear. According to research from NCC Group , after a sustained slide in attack volume, September saw a 28 % month-on-month increase in ransomware incidents—421 attacks globally, up sharply from lower levels in the preceding months. The Anatomy of the Surge While 421 attacks is still below half a thousand, the increase is significant primarily for what it signal

In a twist that might surprise even seasoned CISOs, the fourth annual Global Ransomware Survey from OpenText reveals a paradox: businesses are increasingly confident in their ability to bounce back from ransomware — yet at the same time, they’re quietly admitting that the real threats are multiplying and shifting in ways they’re only beginning to grasp. Confidence vs. Reality According to the survey of roughly 1,800 security practitioners and business leaders, 95 %  of respo

A Russian-linked hacking group notorious for espionage against Western governments has returned with a faster, stealthier, and more aggressive malware campaign—this time disguised as a simple “I’m not a robot” CAPTCHA. Google’s Threat Intelligence Group (GTIG) has identified a new, modular malware suite developed by ColdRiver —also tracked as Star Blizzard , Callisto , and UNC4057 —that replaces the group’s previous toolset known as LostKeys . According to GTIG’s October 20 r

The public sector’s digital ramparts are buckling under the pressure of increasingly sophisticated ransomware — and 2025 is proving to be a watershed year. According to fresh intelligence gathered by the cyber-defence unit of Trustwave SpiderLabs (a division of Trustwave, now under LevelBlue), nearly 200 government or public-service entities around the globe have already been hit by ransomware so far this year. These attacks aren’t isolated incidents of data theft —they’re o

In what security researchers are describing as a watershed moment for developer supply-chain attacks, a new malware campaign dubbed GlassWorm  has begun spreading through extensions for Visual Studio Code (VS Code) and its open-source alternative, OpenVSX. The worm-like code has been installed on an estimated 35,800 developer machines so far. What happened: A stealthy worm enters the IDE According to analysts at Koi Security, the campaign first surfaced on October 17, 2025 wh