Tag: enterprise security
78 articles

AI Agents Expose Blind Spots in APAC Enterprise Security
Attackers are now targeting AI agents embedded within APAC enterprises, exploiting weaknesses in non-human identities to gain access to sensitive systems, data, and workflows. This emerging threat highlights a significant blind spot in enterprise security, one that's ripe for exploitation by malicious actors.

Security Researchers Exploit 47 Zero-Days for $1.3 Million at Pwn2Own Berlin
In a stunning display of cybersecurity prowess, researchers at Pwn2Own Berlin 2026 exploited a whopping 47 zero-day flaws, raking in a total of $1.3 million in just three days. The competition saw contestants disclose and exploit vulnerabilities in top enterprise and AI-facing products, earning daily payouts of $523,000, $385,750, and $389,500.

Microsoft Unveils 100-Agent AI System for Advanced Bug Hunting
Microsoft has just unveiled MDASH, a game-changing AI system that leverages 100 specialized agents to supercharge bug hunting and vulnerability discovery. This cutting-edge technology combines multiple AI models to outperform traditional single-model approaches, giving enterprises a powerful new defense against cyber threats.

Microsoft Alters Edge to Mitigate Password Exposure Risk
Microsoft is taking a major step to boost password security in its Edge browser, rolling out a defense-in-depth change to mitigate the risk of password exposure. This update will be applied across all supported Edge versions, prioritizing a swift rollout to protect users.

Securing Autonomous AI Requires New Risk Strategies
Autonomous AI agents are revolutionizing enterprise environments with lightning-fast speed, unprecedented autonomy, and access to sensitive systems and data - but many security teams lack the visibility and control to manage the resulting risks. This game-changing technology is rapidly expanding the enterprise attack surface, demanding new risk strategies to stay ahead.

Autonomous AI Exposes Governance Gaps in Enterprise Security
As autonomous AI revolutionizes enterprise security, it's also revealing alarming governance gaps that can leave organizations in highly regulated environments exposed to unprecedented risks. The rapid adoption of autonomous AI is creating a trust gap, where innovation outpaces control, and novel risks to visibility, control, and regulatory compliance are emerging.

Enterprises Lag in AI-Agent Risk Mitigation Despite Funding
Most enterprise leaders are bracing for a major security breach or fraud incident driven by AI agents within the next year, yet their organizations are woefully unprepared to mitigate the risks. A recent survey of 300 security leaders reveals a stark gap between threat awareness and adequate safeguards.

Exaforce Secures $125M to Accelerate Real-Time Cyber Reasoning
In a world where cyber threats move at lightning speed, Exaforce founder Ankur Singla stresses that defense must too, with humans supervising while machines react in real-time. His startup's innovative platform aims to make this vision a reality with autonomous, near-instant responses to enterprise telemetry.

Low-Severity Alerts Expose Hidden Threats in Enterprise Security
Don't let low-severity alerts fly under the radar - nearly 1% of confirmed incidents come from these seemingly minor warnings, translating to around one missed breach per week for a typical enterprise. This small but significant gap in enterprise security can have big consequences.

AI-BOMs Emerge to Secure Enterprise AI Supply Chains
Imagine biting into a mysterious birthday cake without knowing its ingredients or who baked it - that's what it's like for enterprises trying to secure their AI supply chains without visibility into the components used to build their AI systems. Traditional software bills of materials just aren't cutting it in this new landscape.

AI-BOMs Tackle Shadow AI Risks in Enterprise Supply Chains
Imagine biting into a cake without knowing the recipe, ingredients, or who's behind the baking - it's a risk you wouldn't take, right? Similarly, without AI-BOMs, enterprises are left in the dark about the AI components powering their supply chains, leaving them vulnerable to shadow AI risks.

Microsoft Enhances App Removal Policy for Windows 11 Enterprises
Microsoft just made it easier for IT admins to manage Microsoft Store apps on Windows 11 devices - you can now dynamically remove preinstalled apps across your enterprise using a simple policy update. Just reference the Package Family Name (PFN) to uninstall any unwanted MSIX/APPX apps.

OAuth Breach Risks Expose AI-Driven Enterprise Vulnerability
A single misstep with a trial AI tool led to a major breach: a Vercel employee's casual OAuth grant to Context.ai created a lasting vulnerability that attackers exploited when Context.ai was compromised. This incident highlights the alarming ease with which AI-driven tools can become enterprise security weak spots.

Governance Gaps Exposed in AI Agent Deployments
To safely deploy AI agents, enterprises must first tighten up governance for the humans, bots, and machine identities that serve as their authority sources, since AI agents aren't independent actors but rather delegated ones. By reframing AI governance as a delegation issue, we can shift the focus from novelty to effective oversight.

Mandiant VP Warns of Resurgent Cybersecurity Risks in AI Deployments
As organizations rush to adopt AI, they're reviving long-standing cybersecurity failures, warns Mandiant VP Jurgen Kutscher, who urges a focus on basic security controls over new AI-specific threats. Neglecting these fundamentals leaves AI-enabled environments vulnerable to measurable operational weaknesses.

MacOS Attacks Evolve, Exploiting Native Tools for Stealth
As macOS use surges in enterprise environments, accounting for over 45% of organizations, attackers are getting creative - exploiting native tools like Remote Application Scripting, Terminal, and AppleScript to stealthily run code, move undetected, and evade security measures. Cisco Talos warns that these tactics allow hackers to issue malicious instructions across processes and systems without triggering conventional monitoring.

Wi-Fi Encryption Flaws Expose Enterprises to AirSnitch Attacks
Enterprises are in grave danger of being hacked through their Wi-Fi networks, as newly discovered AirSnitch attacks can bypass WPA2 and WPA3-Enterprise encryption, exposing sensitive credentials and backend systems to both insider and remote threats. This critical vulnerability undermines the very foundations of wireless network security.

Enterprises Face Identity Crisis as Machine Access Surges
As AI agents increasingly reshape enterprise operations and defenses, a new reality sets in: machine identities are surging, outnumbering human users and introducing unprecedented risks that are autonomous, fast-moving, and difficult to control. This seismic shift demands attention, as organizations scale AI and transform their attack surfaces and decision flows.
Agentic AI Compounds Enterprise Identity Risks
As autonomous machines increasingly act, decide, and transact on their own, a pressing question emerges: what constitutes an "identity" within an enterprise, and how can we safeguard against the rising risks? The lines between human and non-human identities are blurring, demanding a fresh look at enterprise security in the age of agentic AI.
Microsoft patches trigger reboot loops in some Windows servers
Microsoft's latest security updates have caused some Windows servers to malfunction, triggering frustrating reboot loops that can bring entire authentication backbones to a grinding halt. This unexpected issue raises serious concerns about the reliability of enterprise updates.

AI Adoption Exposes Hidden Security Gaps in Enterprise Operations
As AI rapidly moves from experimentation to executive mandate, organizations face a daunting challenge: how to harness its power while securing and governing its adoption. With boards, investors, and executives pushing for integration, the pressure is on to balance AI adoption with robust security and oversight.

Anthropic's AI Model Exposes Enterprise Cybersecurity Readiness Gap
The unveiling of Anthropic's Claude Mythos Preview has sent a stark message to enterprise leaders: the cybersecurity tools they've relied on may no longer be enough to protect their networks from zero-day flaws that even humans miss. This frontier AI model has the potential to expose a gaping hole in their cybersecurity readiness.

Enterprises urged to accelerate post-quantum transition planning
Don't wait until it's too late - experts warn that enterprises must start planning and executing their transition to post-quantum cryptography now to stay ahead of the curve. By taking a proactive approach, organizations can demystify this complex technical shift and turn it into a manageable operational task.

Gmail Bolsters Security with Mobile End-to-End Encryption Rollout
Google just supercharged Gmail security with end-to-end encryption now available on all Android and iOS devices, giving enterprise users a seamless way to send and receive secure emails. This rollout promises stronger protections without the need for extra tools.