Enterprise Security Tech

Artificial intelligence is no longer just changing how organizations defend themselves online. It is fundamentally reshaping how cybercrime works, compressing the time, cost, and skill required to launch attacks that once demanded large criminal operations or nation-state backing. That is one of the clearest signals emerging from the World Economic Forum’s Global Cybersecurity Outlook 2026 , which finds that cyber-enabled fraud and phishing have overtaken ransomware as the to

As the cybersecurity industry closes the books on 2025, the year is already solidifying around a familiar but unsettling conclusion: attackers didn’t need radically new malware to cause outsized damage. They needed people, timing, and a growing catalog of quietly catastrophic infrastructure flaws. That’s the throughline emerging from a year-end review by incident response specialists at LevelBlue , which absorbed digital forensics heavyweight Stroz Friedberg earlier this year

A flaw buried deep inside enterprise security tooling is once again forcing defenders to confront an uncomfortable truth: the systems designed to protect the network can also become its most dangerous point of failure. This week, Trend Micro  issued emergency updates for its on-premises Apex Central management console after researchers disclosed three serious vulnerabilities — including a critical zero-day that allows unauthenticated attackers to execute code remotely with fu

A newly disclosed flaw in MongoDB dubbed 'MongoBleed' is exposing a subtle but dangerous reality of modern cloud infrastructure: sometimes the most sensitive data does not need to be stolen from a database table at all. It can simply leak out of memory. Tracked as CVE-2025-14847 , the vulnerability affects how MongoDB  processes zlib-compressed network traffic. Under specific conditions, a remote attacker can trigger the database server to return fragments of its own uniniti

In the race to automate cybersecurity research, large language models are increasingly being treated as tireless junior analysts that can scan endless codebases in search of fatal flaws. But a recent experiment in AI-assisted vulnerability hunting by Kat Traxler, Principal Security Researcher at Vectra suggests the future of bug discovery is less about replacing humans and more about forcing them into a new role: referee. The experiment unfolded during Zeroday Cloud, a high-

Apple has pushed out a rare round of urgent security updates after confirming that two previously unknown flaws were actively exploited in what the company describes as an extremely sophisticated campaign aimed at specific individuals. The vulnerabilities affect WebKit, the browser engine that quietly underpins much of Apple’s software ecosystem, from Safari to in app browsers embedded across iOS. In a security bulletin released this week , Apple said the flaws were used agai