top of page


Enterprise Security Tech
A cybersecurity resource for CxOs
Search


Chainguard Expands Athena Coalition as AI-Driven Open Source Vulnerability Defense Accelerates
Chainguard says its Athena coalition has processed more than 40,000 open source vulnerability findings in three weeks, highlighting how AI is changing the speed and scale of software security. Chainguard is expanding Athena, its industry coalition for coordinated open source software defense, as the cybersecurity world races to adapt to a new vulnerability landscape shaped by frontier AI models, automated exploit discovery, and increasingly compressed response windows. The Ki
7 days ago


KDDI Cyberattack Exposes 12 Million Email Addresses and 7.6 Million Passwords in Japan ISP Breach
A cyberattack on an email platform operated by Japanese telecom giant KDDI exposed more than 12.2 million customer email addresses and 7.6 million passwords, marking one of the larger recent credential exposure incidents tied to shared internet service provider infrastructure in Japan. KDDI said the breach affected an email system it runs for five Japanese internet service providers. The platform supports customer email account management, webmail access and email storage. Th
7 days ago


China-Linked Hackers Target University Physics Departments in Roundcube Espionage Campaign
A previously unknown espionage group believed to be operating on behalf of China is targeting physics and engineering departments at universities in the United States and Canada, with a particular focus on research tied to national security, astrophysics, and particle physics. Security researchers at Proofpoint are tracking the activity as UNK_MassTraction. The group is exploiting a chain of vulnerabilities in Roundcube, a widely used open-source webmail platform, to steal cr
7 days ago


CrySome RAT Campaign Turns a Fake Freight Document Into a Full Remote Access Breach
A logistics-themed phishing campaign recently pushed the CrySome remote access trojan through a multi-stage Windows infection chain, showing how attackers are blending believable business lures, native system tools, open-source security-disabling utilities, and modular malware to gain persistent control of victim machines. Researchers with LevelBlue’s SpiderLabs said the incident began with a targeted spear-phishing email disguised as a freight rate confirmation. The message
Jul 6


AI Agent Carries Out Ransomware Attack in Possible Cybercrime First
A ransomware operation tracked as JadePuffer may be one of the clearest signs yet that autonomous AI agents are moving from theory into real-world cybercrime. According to cloud security firm Sysdig, JadePuffer used a large language model agent to conduct much of the ransomware attack chain on its own, including reconnaissance, credential theft, lateral movement, persistence, privilege escalation, and data encryption. The most important part was not that the attack used new t
Jul 6
bottom of page