Enterprise Security Tech

According to Ontinue , a newly analyzed Linux malware framework called VoidLink is offering defenders an early glimpse into how artificial intelligence is quietly reshaping the underground economy of cyber intrusion. The implant is not a proof of concept or a lab experiment. It is a working command and control framework designed for long term access across cloud and enterprise environments, complete with credential theft, container exploitation, and kernel level stealth. What

For years, security teams have lived with a hard truth: they cannot look at everything. As alert volumes balloon across endpoints, cloud workloads, identity systems, and email gateways, security operations centers have learned to triage aggressively. Low severity and informational alerts are often ignored by design, treated as background noise rather than actionable risk. New research from Intezer suggests that this tradeoff is quietly failing. An analysis of more than 25 mi

Tenable security researchers have uncovered a pair of previously unknown vulnerabilities in Google Looker  that, when chained together, could allow attackers to take complete control of a Looker instance and, in cloud environments, potentially reach across customer boundaries. The flaws were were responsibly disclosed through Google’s Cloud Vulnerability Reward Program , and patched on Google-managed systems. The risk now falls squarely on organizations that run Looker them

Coinbase has confirmed a newly disclosed insider breach after a contractor improperly accessed sensitive customer data late last year, adding to a growing list of incidents that show how fragile trust boundaries can become when internal tools fall into the wrong hands. The cryptocurrency exchange said the incident occurred in December and affected roughly 30 customers. According to the company, the access was detected by its internal security team and tied to a single contra

Cydome is taking aim at one of clean energy’s most stubborn security gaps: how to protect offshore wind farms that are expensive, dangerous, and sometimes impossible to physically reach. The maritime and critical infrastructure security firm this week unveiled a deployment model designed specifically for offshore renewable energy facilities, where traditional cybersecurity assumptions break down. Instead of requiring new hardware or on-site technicians, the company’s softwar