Enterprise Security Tech

Phishing has always borrowed from theater. What is changing now is the stage direction. New research from Okta Threat Intelligence shows that modern phishing kits are no longer static web traps. They are interactive tools designed to work in lockstep with a human voice on the other end of the line. In these hybrid attacks, a caller guides a victim through a login flow in real time while dynamically controlling what the victim sees in their browser. The result is a form of vi

Security teams have long relied on deliberately vulnerable web applications to train defenders and test internal defenses. New research shows those same tools are now being used as a shortcut into real enterprise cloud environments. An investigation by automated penetration testing firm Pentera  found that threat actors are actively exploiting misconfigured security training and testing applications that have been left exposed on the public internet. These include intentiona

For years, public key infrastructure quietly did its job in the background, issuing certificates, encrypting traffic, and validating identities. Now it is becoming a frontline failure point. New research from CyberArk suggests that PKI systems are struggling to keep pace with the explosion of machine and workload identities across cloud native and zero trust environments. As certificates multiply, organizations are discovering that legacy tools and manual processes are no lo

Cybercriminals are attempting to sell what they claim is a massive cache of internal source code linked to Target, igniting fresh concern over how quietly sensitive development systems can be exposed without triggering alarms. The episode surfaced after a previously unknown threat actor posted on a well known underground forum, advertising what was described as sensitive development files allegedly taken from the US retail giant. To bolster the claim, the actor briefly publi

This guest article was contributed by Scott Richards, SVP of AI & Discovery and Cybersecurity at OpenText Enterprises are under growing security pressure in 2026. Data volume continues to multiply. Identity sprawl is expanding across hybrid and cloud environments. Threat actors increasingly use AI to find new attack vectors. And at the same time, AI powered security tools have matured and can now provide context aware, automated protection rather than alarm overload. This cre

The University of Hawaii Cancer Center is facing growing scrutiny after quietly navigating a ransomware attack that compromised decades old cancer research data, then waiting months to inform regulators and affected individuals. According to a report filed with the Hawaii state legislature in December, attackers gained unauthorized access to servers supporting cancer research operations in late August. The intruders encrypted systems, disrupted access to research files, and