Enterprise Security Tech

A routine fitness upload has once again exposed the hidden risks of consumer apps in sensitive environments. This time, the unintended disclosure involved one of Europe’s most important naval assets, surfacing at a moment of heightened geopolitical tension in the Middle East. According to a report by Le Monde, a French naval officer onboard the aircraft carrier Charles de Gaulle publicly shared a workout on the fitness platform Strava, inadvertently revealing the vessel’s nea

Federal cybersecurity officials are raising alarms over a growing wave of attacks targeting endpoint management systems across U.S. organizations, following a high-profile breach involving medical technology firm Stryker earlier this month. The Cybersecurity and Infrastructure Security Agency (CISA) confirmed it is actively tracking malicious activity that abuses legitimate endpoint management tools to gain control over enterprise environments. The advisory comes as investig

A widely used open source security tool at the center of modern software pipelines has been compromised again, raising new concerns about how attackers are targeting the software supply chain to access sensitive developer infrastructure. Trivy , the vulnerability scanner maintained by Aqua Security, was recently exploited to distribute malware through its official GitHub Actions integrations. The incident marks the second breach involving the project in less than a month, sig

A new wave of AI-driven cybersecurity tools is reshaping how software vulnerabilities are discovered, validated, and exploited, compressing what once took months of expert human effort into hours. According to new research from Theori , large language models can now scan millions of lines of code and identify high-impact security flaws in less than a day. The findings highlight a turning point for both defenders and attackers as AI accelerates the speed and scale of software

This guest article was contributed by Alastair Parr, CTO of Spur A growing share of the traffic security teams evaluate each day comes from residential proxies that pool IP addresses from consumer ISPs and mobile devices. Most people don’t realize they’ve opted into a residential proxy, and most organizations lack the context to fully understand how often this traffic reaches them. Residential proxies make it difficult to distinguish legitimate traffic from malicious activity

A newly disclosed set of vulnerabilities in the Linux AppArmor security module could allow attackers to escalate privileges to root, potentially undermining security protections across millions of enterprise systems. The flaws, collectively dubbed “CrackArmor,” were uncovered by the Qualys Threat Research Unit and affect Linux environments where AppArmor is enabled by default, including Ubuntu, Debian, and SUSE deployments. According to researchers, the issue stems from a de