enterprise

Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)

Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992) 2026-03-23 at 13:50 By Zeljka Zorz Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whether the vulnerability has been exploited as a zero-day, but […]

Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992) Read More »

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) 2026-03-20 at 15:21 By Zeljka Zorz A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a zero-day by the Interlock ransomware gang, Amazon CISO and VP of Security Engineering

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) Read More »

As AI agents start making purchases, security teams must rethink risk

As AI agents start making purchases, security teams must rethink risk 2026-03-05 at 08:17 By Zeljka Zorz In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic commerce,” where AI agents can autonomously make purchasing decisions on behalf of users or

As AI agents start making purchases, security teams must rethink risk Read More »

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) 2026-03-04 at 15:57 By Zeljka Zorz A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) Read More »

AI went from assistant to autonomous actor and security never caught up

AI went from assistant to autonomous actor and security never caught up 2026-03-03 at 08:35 By Mirko Zorz Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security

AI went from assistant to autonomous actor and security never caught up Read More »

Industrial networks continue to leak onto the internet

Industrial networks continue to leak onto the internet 2026-02-27 at 07:30 By Mirko Zorz Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report

Industrial networks continue to leak onto the internet Read More »

Cyber valuations climb as capital concentrates, AI security expands

Cyber valuations climb as capital concentrates, AI security expands 2026-02-25 at 08:59 By Sinisa Markovic Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into

Cyber valuations climb as capital concentrates, AI security expands Read More »

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731) 2026-02-09 at 13:36 By Zeljka Zorz BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible. Unlike the Remote Support zero-day

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731) Read More »

Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)

Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423) 2026-02-06 at 13:12 By Zeljka Zorz For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited Vulnerabilities catalog, and this one is being exploited in ransomware attacks. A glut of SmarterMail vulnerabilities On January

Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423) Read More »

Measuring AI use becomes a business requirement

Measuring AI use becomes a business requirement 2026-02-05 at 09:11 By Anamarija Pogorelec Enterprise teams already run dozens of AI tools across daily work. Usage stretches from code generation and analytics to customer support drafting and internal research. Oversight remains uneven across roles, functions, and industries. A new Larridin survey of enterprise leaders places measurement

Measuring AI use becomes a business requirement Read More »

AI is driving a new kind of phishing at scale

AI is driving a new kind of phishing at scale 2026-02-05 at 09:11 By Sinisa Markovic Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths.

AI is driving a new kind of phishing at scale Read More »

Sandisk brings SPRandom to open source for large SSD testing

Sandisk brings SPRandom to open source for large SSD testing 2026-02-03 at 15:15 By Anamarija Pogorelec Enterprise storage environments already run long qualification cycles as solid-state drive capacities rise and validation teams try to mirror production workloads. Preconditioning steps now consume days of lab time for a single device, especially in data centers supporting AI

Sandisk brings SPRandom to open source for large SSD testing Read More »

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) 2026-01-30 at 05:32 By Zeljka Zorz Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and has been added to CISA’s Known Exploited Vulnerabilities catalog. Investigating potential

Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281) Read More »

eScan AV supply chain compromise: Users targeted with malicious updates

eScan AV supply chain compromise: Users targeted with malicious updates 2026-01-29 at 17:29 By Zeljka Zorz The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer endpoints. The supply chain compromise also resulted in the eScan

eScan AV supply chain compromise: Users targeted with malicious updates Read More »

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses 2026-01-27 at 17:17 By Zeljka Zorz A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses Read More »

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) 2026-01-21 at 20:57 By Zeljka Zorz Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory. About CVE-2026-20045 CVE-2026-20045 is

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) 2026-01-16 at 17:05 By Zeljka Zorz Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been exploited as a zero-day by suspected Chinese attackers since at

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) Read More »

The next big IT security battle is all about privileged access

The next big IT security battle is all about privileged access 2025-12-26 at 07:01 By Help Net Security Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in 2026 driven by new realities of cybersecurity, hybridization, AI, and more. Passwordless moves from pilot to production In 2026, passwordless authentication will

The next big IT security battle is all about privileged access Read More »

Microsoft 365 users targeted in device code phishing attacks

Microsoft 365 users targeted in device code phishing attacks 2025-12-18 at 16:12 By Zeljka Zorz Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting users with device codes that, when

Microsoft 365 users targeted in device code phishing attacks Read More »

Scroll to Top