Enterprise Security Tech

The defining cybersecurity story of late 2025 is not about zero-days or sophisticated exploits. It is about access. Attackers are no longer forcing their way into networks. They are signing in. According to new threat intelligence report by Ontinue , the industry has crossed a structural tipping point where identity has become the central battleground. Credentials, tokens, and machine identities now function as both the entry point and the control layer for modern attacks, f

By all appearances, DNS has remained one of the most quietly critical layers of the internet. It routes traffic, connects users to applications, and underpins nearly every digital interaction. Yet a growing body of research suggests it may also be one of the most under-protected attack surfaces in enterprise cybersecurity. A new report from CSC , The ROI of DNS: A Guide to Risk Reduction and Smart Investment , argues that organizations are still treating DNS security as a tec

A newly disclosed vulnerability in OpenAI’s Codex environment is forcing a broader reckoning across the software industry, as researchers demonstrate how AI-powered coding tools can become high-value targets for credential theft and lateral movement inside developer ecosystems. Security researchers at BeyondTrust Phantom Labs uncovered a command injection flaw that allowed attackers to extract GitHub OAuth tokens directly from Codex execution environments. The issue, now pat

A critical vulnerability in Citrix NetScaler appliances is rapidly escalating from early reconnaissance into active exploitation, according to multiple security researchers tracking activity in the wild. The flaw, tracked as CVE-2026-3055, exposes enterprise systems to sensitive data leakage and is already drawing attention from threat actors probing internet-facing infrastructure. Security researchers at Defused Cyber and watchTowr report that attackers initially began by

At a time when identity-based attacks are outpacing traditional defenses, Token is betting that the future of authentication lies entirely off the grid. At RSA Conference 2026, the company introduced the TokenCore Node, a compact biometric authenticator built for environments where cloud connectivity is not just undesirable, but prohibited. The launch targets a growing segment of security-conscious organizations, including defense contractors, critical infrastructure operato

As governments and enterprises race to prepare for the arrival of quantum computing threats, cybersecurity vendor pQCee has introduced a new cryptographic platform designed to help organizations transition faster to post-quantum standards without overhauling their infrastructure. The company announced the release of its Cryptographic Next Generation (CNG) provider for Microsoft Windows, a move aimed at embedding quantum-safe cryptography directly into one of the world’s most