Enterprise Security Tech

A cybersecurity incident at Carnival Corporation has once again highlighted how human-focused attacks continue to bypass traditional security defenses, exposing sensitive customer information despite the presence of enterprise-grade security controls. The cruise giant disclosed that threat actors gained unauthorized access to company systems in April after successfully manipulating an employee through a social engineering scheme. While Carnival said it moved quickly to contai

AI security startup 7AI has launched three new capabilities designed to give security teams greater control over autonomous security operations: Threat Hunt, Threat Intel Hunt, and Skills. The additions allow analysts to proactively investigate threats, automate intelligence-driven investigations, and customize how AI agents operate within their environments. Rather than relying solely on alerts, Threat Hunt enables analysts to launch hypothesis-driven investigations using na

A sophisticated cybercrime campaign is reshaping how attackers exploit the modern software ecosystem, moving beyond isolated breaches into a model where compromise can spread autonomously across trusted development pipelines. BlueVoyant security researchers tracking an actor known as Replicating Marauder say the group has evolved its operations into a multi-phase supply chain campaign that leverages developer tools, package registries, and CI/CD workflows as both entry points

Cybersecurity teams are facing a sharper, more deceptive class of attacks as adversaries refine techniques designed to blend seamlessly into everyday enterprise activity. New research from Barracuda highlights how attackers are shifting away from noisy intrusion methods toward strategies that mimic legitimate behavior, exploit AI hype, and evade traditional detection altogether. One of the most concerning trends is the rise in successful account takeovers within cloud platfor

A new phishing campaign is quietly turning everyday “free reward” emails into a global data theft machine, according to fresh research from KnowBe4 Threat Labs. Security analysts say the operation blends high-volume email distribution with polished brand impersonation and behavioral psychology to extract credit card details and personal data from victims at scale. The campaign revives a familiar lure. Users receive emails promising high-end prizes like smartphones or headphon

A cyberattack that disrupted systems at the Los Angeles County Metropolitan Transportation Authority is now being attributed to Iranian state-backed actors, according to new research that points to a broader escalation in cyber activity targeting U.S. infrastructure. Researchers at Gambit Security say the group behind the March breach, calling itself Ababil of Minab, is likely linked to Iran’s Ministry of Intelligence and State Security. The group had claimed to act independe