Enterprise Security Tech

Tenable security researchers have uncovered a pair of previously unknown vulnerabilities in Google Looker  that, when chained together, could allow attackers to take complete control of a Looker instance and, in cloud environments, potentially reach across customer boundaries. The flaws were were responsibly disclosed through Google’s Cloud Vulnerability Reward Program , and patched on Google-managed systems. The risk now falls squarely on organizations that run Looker them

Coinbase has confirmed a newly disclosed insider breach after a contractor improperly accessed sensitive customer data late last year, adding to a growing list of incidents that show how fragile trust boundaries can become when internal tools fall into the wrong hands. The cryptocurrency exchange said the incident occurred in December and affected roughly 30 customers. According to the company, the access was detected by its internal security team and tied to a single contra

Quantum computing is often framed as a looming cybersecurity apocalypse. But for many enterprises, cryptographic systems are already buckling long before quantum machines arrive. A new global survey from Entrust of more than 4,000 senior IT and security leaders shows that the foundations of enterprise encryption are under growing strain, driven by shrinking certificate lifespans, exploding volumes of keys and secrets, fragmented ownership across hybrid environments, and a la

According to research from Simcha Kosman, a senior cyber researcher at CyberArk Labs , a critical remote code execution flaw in Apache bRPC  has put a spotlight on a class of debugging features that quietly sit inside many production systems, rarely scrutinized until something goes wrong. Tracked as CVE-2025-60021 and scored at a near-maximum CVSS 9.8, the vulnerability affects all versions of Apache bRPC prior to 1.15.0. It stems from a command injection issue in the framew

The future of enterprise security is supposed to be autonomous. AI agents negotiate contracts, move money, write code, and respond to incidents at machine speed. But according to a new industry survey, the foundation those agents depend on is still riddled with legacy systems that attackers already know how to exploit. That tension sits at the center of The Identity Underground Annual Pulse 2026 , a new report drawing on survey data and candid commentary from more than 150 id

The Everest ransomware crew is once again claiming a marquee victim, this time alleging it has siphoned a vast trove of customer data from Under Armour and leaked it onto a cybercrime forum. If verified, the incident would rank among the largest retail data exposures in recent memory and highlight how modern ransomware campaigns can linger long after an initial intrusion. The scale of the alleged breach comes from Have I Been Pwned , which says it ingested data tied to 72.7