Darktrace is doubling down on the Middle East. The British-born cybersecurity company—known for pioneering AI systems that autonomously detect and respond to cyber threats—announced it will establish a legal entity and new regional office in Riyadh, Saudi Arabia , marking a significant milestone in its global expansion strategy. The office, located in Riyadh’s landmark Kingdom Centre , will open in January 2026 , serving as a new regional hub for customers across Saudi Arabia and the wi...| Enterprise Security Tech
In the evolving theatre of cyber-conflict, large-scale breaches are no longer just the result of a single dramatic failure—now they are nearly always the result of many smaller failures colliding. According to recent analysis by Panaseer —a specialist in continuous controls monitoring—the statistic that sets the alarm bells ringing is stark: 70 % of major breaches stem from “toxic combinations” of overlapping cybersecurity risks. Understanding the domino effect The term toxic comb...| Enterprise Security Tech
Password reuse just became a lot more dangerous. In what may be one of the largest credential-harvesting operations ever documented, threat actors have compiled 3.5 terabytes of stolen login data—now labeled the “Synthient Stealer Log Threat Data”—and it’s been added to Have I Been Pwned (HIBP). The dataset includes 183 million unique email addresses, each paired with the passwords and websites where they were stolen. For the average person juggling dozens of logins across apps an...| Enterprise Security Tech
When high-profile campaigns by groups like LAPSUS$ and Scattered Spider make headlines, they often leave the strong impression of technical wizardry: zero-days, clever malware, intricate breaches. But according to research from Flashpoint , that narrative misses the more profound evolution underway. Gone are the days when data extortion simply meant bulk-stealing databases: the playbook has matured to target the single most vulnerable link in modern enterprise security— human identity and...| Enterprise Security Tech
At a time when autonomous artificial-intelligence agents are increasingly conducting transactions, engaging with services and making decisions on behalf of humans, Incode Technologies is positioning itself at the vanguard of a shift in identity security. Yesterday the company unveiled its new solution, Agentic Identity , which is aimed squarely at giving enterprises the tools to verify, authorize and continuously monitor AI agents — by anchoring each one to a human. The problem: agents th...| Enterprise Security Tech
In what may prove to be a pivotal moment for enterprise AI security, Xage Security has partnered with NVIDIA to embed hardware-accelerated zero-trust protections deep into the network fabric of the modern data centre. The integration of Xage’s Fabric Platform with NVIDIA’s BlueField Data Processing Unit (DPU) signals a major move to secure “AI factories” and the infrastructure supporting agentic AI workflows. At its core, the alliance aims to address one of the fastest-growing cyber r...| Enterprise Security Tech
In a move underscoring the growing urgency of executive-digital exposure defense, Nashville-based 360 Privacy today announced two high-profile board additions and a C-suite promotion — signaling a deliberate shift from boutique privacy service toward full-scale enterprise digital risk platform.Strategic Expansion at the TopThe company has appointed Wendy Bahr and Brian Murphy to its board of directors. Alongside this, internal executive politics are shifting: Trinity Davis has been elevated...| Enterprise Sec Tech
This guest blog was contributed by Donald Fischer, Vice President at Sonar . AI-assisted coding is rapidly transforming enterprise software development, promising unprecedented speed and efficiency. But this transformation is not without risk. A recent report from Sonar, " The Coding Personalities of Leading LLMs ," delivered a stark finding: while a model like Claude Sonnet 4 provides significant performance gains, it also introduces a staggering 93% more vulnerabilities considered “severe...| Enterprise Security Tech
In what many in the cybersecurity world feared might happen, the global ransomware threat has begun to rev back into gear. According to research from NCC Group , after a sustained slide in attack volume, September saw a 28 % month-on-month increase in ransomware incidents—421 attacks globally, up sharply from lower levels in the preceding months. The Anatomy of the Surge While 421 attacks is still below half a thousand, the increase is significant primarily for what it signals: a potential...| Enterprise Security Tech
In a twist that might surprise even seasoned CISOs, the fourth annual Global Ransomware Survey from OpenText reveals a paradox: businesses are increasingly confident in their ability to bounce back from ransomware — yet at the same time, they’re quietly admitting that the real threats are multiplying and shifting in ways they’re only beginning to grasp. Confidence vs. Reality According to the survey of roughly 1,800 security practitioners and business leaders, 95 % of respondents say...| Enterprise Security Tech
In the steadily escalating conflict between cyber-defenders and adversaries, an emerging battleground is crystal clear: the gaming community. A new tool, originally designed for legitimate red-team operations, is now being weaponized against gamers—with alarming implications for credential theft, payment fraud and identity compromise.From open-source toolbox to weaponized infostealerFirst released publicly in 2024, the toolkit known as RedTiger was marketed as a versatile, Python-based fra...| Enterprise Sec Tech
This guest blog was contributed by Brad Gerlach, aProduct Manager at 11:11 Systems Cybersecurity has always been a high-stakes game of cat and mouse. Defenders build taller walls, and attackers find longer ladders. But with the rapid rise of AI, the very nature of this conflict is changing. AI is no longer just a tool for defenders; it’s being weaponized by cybercriminals to automate and scale attacks with unprecedented speed and sophistication. For IT security professionals, this new reali...| Enterprise Security Tech
This guest blog was contributed by Tom Findling , CEO and Co-Founder, Conifers.ai Artificial intelligence is reshaping the landscape, giving attackers new speed and scale while forcing defenders to rethink their operating methods. At the same time, the ongoing global shortage of skilled analysts has left security teams stretched thin and struggling to keep pace. Security leaders can’t hire enough people to tackle the problem. And they’ve invested a great deal in tools that seemed to hol...| Enterprise Security Tech
As October draws to a close, organizations worldwide are winding down campaigns marking Cybersecurity Awareness Month (NCSAM) —- an annual reminder to rethink our digital hygiene. But this year, the message landed in a very different place: no longer just about strong passwords and antivirus updates, but about who and what gets access . A new emphasis: identity at the core The theme for the 22nd edition of NCSAM underscored a stark reality: identities — both human and machine — are now ...| Enterprise Security Tech
A new class of cyber-attack has surfaced in the age of enterprise AI, and it is rewriting the data-governance rulebook. The stealthy exploit, dubbed Shadow Escape , reportedly allows bad actors to exfiltrate sensitive personal and organizational data via standard AI assistant workflows — even when all systems appear to be operating inside trusted boundaries. The vulnerability was uncovered by the security research team at Operant AI, which characterizes the attack as a zero-click chain that...| Enterprise Security Tech
Researchers have uncovered a new exploit that targets the AI-powered browsers Atlas by OpenAI and Comet by Perplexity, showing how attackers can create fake AI sidebars indistinguishable from the real interface to deliver malicious commands. The vulnerability—dubbed AI Sidebar Spoofing —was demonstrated by cybersecurity firm SquareX, which found that a rogue browser extension could overlay a counterfeit sidebar capable of intercepting every user interaction. The spoof mimics the authe...| Enterprise Security Tech
Researchers at Forescout’s Vedere Labs say they’ve pulled open a fresh set of dangerous doors in TP-Link’s Omada and Festa VPN appliances — two newly cataloged vulnerabilities that let an attacker execute shell commands as root and resurrect a patched debug backdoor. The duo of flaws, tracked as CVE-2025-7850 and CVE-2025-7851 , expose an uncomfortable truth: incremental patches that don’t remove legacy developer features can create new, high-severity attack paths. The most immedi...| Enterprise Security Tech
RecordPoint , the Australian-born data governance company trusted by global banks and regulators, has snapped up Redactive , a rising star in AI-driven data discovery and classification. The acquisition, announced October 21, underscores the rapid convergence of AI innovation and enterprise-grade data governance as organizations grapple with managing explosive data growth under tightening compliance regimes. AI for the Era of Data Deluge Founded just 18 months ago, Redactive made waves by...| Enterprise Security Tech
Hypori is taking another step toward redefining mobile security. The company—long recognized for its zero-trust virtual mobile infrastructure (VMI)—has launched Hypori Secure Messaging , a communications solution designed for environments where privacy, compliance, and auditability aren’t optional. Replacing Shadow IT with Mission-Ready Messaging For years, agencies and enterprises have relied on consumer-grade apps like Signal or WhatsApp for quick communication, often creating complia...| Enterprise Security Tech
A Russian-linked hacking group notorious for espionage against Western governments has returned with a faster, stealthier, and more aggressive malware campaign—this time disguised as a simple “I’m not a robot” CAPTCHA. Google’s Threat Intelligence Group (GTIG) has identified a new, modular malware suite developed by ColdRiver —also tracked as Star Blizzard , Callisto , and UNC4057 —that replaces the group’s previous toolset known as LostKeys . According to GTIG’s October 20 ...| Enterprise Security Tech
Cyderes , a global managed security powerhouse known for its rapid-response capabilities, just unveiled Howler Cell , a new strike-force-style division tasked with uncovering and neutralizing the world’s most advanced cyber adversaries. Led by former FBI agents and seasoned experts from Google, Rapid7, SentinelOne, and other major security players, Howler Cell operates as Cyderes’ intelligence nerve center — part research lab, part cyber-defense special operations unit. Its mission: to...| Enterprise Security Tech
The public sector’s digital ramparts are buckling under the pressure of increasingly sophisticated ransomware — and 2025 is proving to be a watershed year. According to fresh intelligence gathered by the cyber-defence unit of Trustwave SpiderLabs (a division of Trustwave, now under LevelBlue), nearly 200 government or public-service entities around the globe have already been hit by ransomware so far this year. These attacks aren’t isolated incidents of data theft —they’re orchestra...| Enterprise Security Tech
Silicon Valley’s API security specialist Cequence Security yesterday made official what had been quietly gaining momentum: the full launch and expansion of its Partner Program, underscoring the company’s deliberate transition to a channel-only business model. With a striking metric — 74 % of its net-new revenue already coming through partners — Cequence is positioning itself as one of the few players in the API-security and bot-management landscape to lean entirely on a partner-led...| Enterprise Security Tech
As software supply chain threats continue to evolve from nuisance to existential risk, Chainguard is doubling down on its mission to make open source dependencies verifiably safe. The company today announced the general availability of Chainguard Libraries for Python , a new class of trusted, continuously verified open source builds that now includes built-in CVE remediation — giving developers a way to stay secure without constantly chasing version upgrades. Securing the Software Commons...| Enterprise Security Tech
In an era when security teams are drowning in alerts but starving for context, Axonius is aiming to shift the paradigm from visibility to meaningful action. Today, the asset-intelligence specialist introduced Axonius AI™ , an operational artificial-intelligence engine anchored in its flagship platform, the Axonius Asset Cloud™, and rolled out significantly expanded capabilities — including the newly packaged Axonius for Healthcare™, targeting hospital and clinical environments...| Enterprise Security Tech
Security researchers at Varonis have uncovered a subtle yet powerful flaw in Microsoft Azure’s application registration system that allowed malicious actors to create fake apps with names like “Azure Portal,” bypassing long-standing safeguards meant to prevent impersonation of official Microsoft tools.The loophole—since patched by Microsoft—stemmed from the use of hidden Unicode characters to disguise application names. By inserting invisible “Combining Grapheme Joiner” characte...| Enterprise Sec Tech
