Consider the history of any recent corporate scandal, and it is quite possible to guess what the story…
Tag: corporate
AI, Compliance, Global Security News
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik. Agentic AI will help with completing multi-step tasks such as filling in forms, navigating…
AI, Compliance, Global Security News
Microsoft says it’s making AI ‘safe for work’ in your browser
Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently available in a limited preview, will help perform routine tasks more efficiently, according to Microsoft’s partner product manager for Edge, Lindsay Kubasik. Agentic AI will help with completing multi-step tasks such as filling in forms, navigating…
AI, Global Security News
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual property were compromised or modified in an unauthorized manner. “Upon identification of the malicious activity, we worked quickly to investigate, contain,…
AI, APAC, Global Security News, Network Security
Vector embedding security gap exposes enterprise AI pipelines
Enterprise adoption of retrieval-augmented generation has moved sensitive corporate content into a new storage format that existing security tools cannot inspect. Companies deploying internal AI assistants convert documents into high-dimensional numerical vectors and ship them to embedding services and vector databases over ordinary HTTPS connections. Data loss prevention products scan documents and network traffic, and…
AI, Global Security News, malware
ThreatDown ITDR prevents credential-based attacks
ThreatDown, the former corporate business unit of Malwarebytes, launched ThreatDown Identity Threat Detection and Response (ITDR). ITDR is a new product that helps security teams monitor identities to detect suspicious activity, misconfigurations, and active attacks targeting user accounts and privileges. With native integrations for Microsoft Entra ID, Okta, and Active Directory, security teams gain unified…
AI, Global Security News, Risk Management
Xurrent Intros MCP Server to Enhance AI Integration for ITOps
AI-powered service and operations management platform for corporate IT teams and enterprise MSPs, Xurrent, is launching its Model Context Protocol (MCP) server. This MCP standard enables Xurrent to act as a universal connector, enabling different AI models and digital agents to securely access Xurrent data and perform tasks within established workflows. AI models now connect…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded API key embedded in ClickUp’s public website has quietly exposed hundreds of corporate and government email addresses for more than a year. The flaw, first reported in early 2025, remained active as of April 2026 — allowing anyone to access sensitive data with a simple request and no authentication. “I went to http://clickup[.]com,…
Global Security News, malware
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate. […]
AI, Global Security News, Risk Management
Webinar: From phishing to fallout — Why MSPs must rethink both security and recovery
Cyberattacks are evolving faster than many MSP and corporate defenses can keep up, with phishing driving much of today’s cybercrime. Join our upcoming webinar to learn how to combine security and recovery strategies to reduce risk and maintain business continuity. […]
AI, Global Security News, Risk Management
Why risk alone doesn’t get you to yes
I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting someone to act on it. We’re trained to see exposure before they are identified by…
AI, Global Security News, Network Security
FIRESIDE CHAT: In the AI age, your MFA, authentication apps can be compromised in minutes
The authentication layer that corporate America spent a decade building is now a liability. Listen to the podcast:The day MFA became the problem That’s the blunt assessment of Kevin Surace, chairman of Token, a Rochester, N.Y.-based security company whose biometric hardware is drawing attention from enterprise security teams and federal regulators alike. Surace made the…
Global Security News, malware
LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks
The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a malware loader based on the open-source Deno runtime for JavaScript and TypeScript. […]
Global Security News, Risk Management
UK: Companies House Web Glitch Exposes Corporate Details to Fraudsters
An issue with the Companies House website has put the personal and corporate information of millions at risk
AI, Compliance, Global Security News
Pre-travel authorisation is the next big audit focus in Australian business travel
GUEST OPINION: For years, corporate travel governance in Australia has followed a familiar and largely unchallenged sequence: employees book trips, incur costs, and submit expense claims, then finance teams check compliance afterwards. That post-trip model worked until now. As travel volumes regain momentum, finance and audit leaders face new pressure to avoid non-compliant spend. The answer is pre-travel authorisation,…
AI, Global Security News
AI-Generated Writing is Everywhere, and It’s Still Easy to Spot—For Now
Which AI bot reveals itself by sounding like a corporate intern? Which comes across like a nervous student? I asked the chatbots and here’s what they said.
Global Security News, malware
Telegram Increasingly Used to Sell Access, Malware and Stolen Logs
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub.
Data Breaches, Global Security News
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
Black Kite reveals 26,000 unnamed corporate victims linked to 136 third-party breaches
Global Security News, Risk Management
The $19.5 million insider risk problem
Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one or more material insider related incidents over the past year. Negligent or…
Global Security News, Network Security
Japanese tech giant Advantest hit by ransomware attack
Advantest Corporation disclosed that its corporate network has been targeted in a ransomware attack that may have affected customer or employee data. […]
AI, Global Security News
Operation DoppelBrand: Weaponizing Fortune 500 Brands
The GS7 cyberthreat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote access.
Global Security News
Naming and shaming: How ransomware groups tighten the screws on victims
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Software developers: Prime cyber targets and a rising risk vector for CISOs
Threats against corporate software developers are increasing and diversifying, challenging security leaders to develop more agile defenses against this growing attack vector. Attackers are increasingly targeting the tools, access, and trusted channels used by software developers rather than simply exploiting application bugs. The threats blend technical compromise — malicious packages, development pipeline abuse, etc. —…
AI, Apps, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Network Security, Risk Management
Software developers: Prime cyber targets and a rising risk vector for CISOs
Threats against corporate software developers are increasing and diversifying, challenging security leaders to develop more agile defenses against this growing attack vector. Attackers are increasingly targeting the tools, access, and trusted channels used by software developers rather than simply exploiting application bugs. The threats blend technical compromise — malicious packages, development pipeline abuse, etc. —…