Enterprise Security Tech

In the race to automate cybersecurity research, large language models are increasingly being treated as tireless junior analysts that can scan endless codebases in search of fatal flaws. But a recent experiment in AI-assisted vulnerability hunting by Kat Traxler, Principal Security Researcher at Vectra suggests the future of bug discovery is less about replacing humans and more about forcing them into a new role: referee. The experiment unfolded during Zeroday Cloud, a high-

Apple has pushed out a rare round of urgent security updates after confirming that two previously unknown flaws were actively exploited in what the company describes as an extremely sophisticated campaign aimed at specific individuals. The vulnerabilities affect WebKit, the browser engine that quietly underpins much of Apple’s software ecosystem, from Safari to in app browsers embedded across iOS. In a security bulletin released this week , Apple said the flaws were used agai

By the time a ransomware demand flashes onto a screen, the damage has usually already been done. In 2026, that gap between intrusion and impact is expected to widen, not shrink, as attackers refine how they break in, move laterally, and siphon data long before defenders realize anything is wrong. Ransomware is no longer a chaotic smash-and-grab operation. It has matured into an efficient criminal economy with specialization, tooling, and repeatable playbooks. According to Ziv

For most of the past decade, cybersecurity predictions have followed a familiar script. More ransomware. More phishing. More AI on both sides of the fight. But as 2026 approaches, a quieter shift is underway, one that forces organizations to rethink not just threats, but who and what is actually showing up on their digital front doors. The next wave of disruption is not only about attackers getting smarter. It is about the internet filling up with nonhuman actors that behave

An unusual PayPal scam is highlighting how attackers increasingly rely on trusted platforms rather than obvious forgeries to slip past both technical defenses and human suspicion. Over the past several weeks, security researchers and users have observed phishing campaigns that exploit PayPal’s own subscription and notification systems to deliver emails that look entirely legitimate. The messages arrive from PayPal’s real infrastructure, use authentic templates, and land dire

Every December, the internet dresses itself up for the holidays. Social feeds fill with lights and nostalgia, inboxes clog with end of year reminders, and millions of people quietly reset their passwords. According to a new analysis of breached credentials, that seasonal spirit is leaking straight into login security in ways attackers already understand all too well. Security researchers at Specops Software examined roughly 800 million compromised passwords and found that ho