๐Ÿท๏ธ enterprise-security

8 articles tagged enterprise-security.

CISA and Five Allies Tell You Not to Put LLMs in Safety-Critical OT Systems โ€” Here's the Actual Guidance

CISA and Five Allies Tell You Not to Put LLMs in Safety-Critical OT Systems โ€” Here's the Actual Guidance

A joint guidance document issued by CISA, the Australian Signals Directorate's ACSC, and international partners establishes principles for integrating AI into operational technology environments. The guidance explicitly differentiates acceptable AI use by Purdue Model layer, warns against LLM-first approaches for safety-critical decisions in OT, and requires AI vendors supplying OT environments to provide software bills of materials, data residency documentation, and transparent AI feature disclosure. For organizations running smart buildings and industrial systems, this is the clearest official framework yet for AI in OT.

 TrapDoor: The Supply Chain Attack Targeting AI Developers That's Stealing Cloud Keys and SSH Credentials

TrapDoor: The Supply Chain Attack Targeting AI Developers That's Stealing Cloud Keys and SSH Credentials

The TrapDoor supply chain campaign, active as of May 22, 2026, is targeting AI developer communities through malicious packages in public repositories. The packages use preinstall scripts to steal cloud credentials, SSH keys, and developer secrets, then exfiltrate them through GitHub-based command and control infrastructure. The campaign is specifically targeting the tooling and repositories used by AI development teams โ€” a population with access to cloud environments, model infrastructure, and enterprise data pipelines.

 CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVSS 10.0: Interlock Ransomware Exploited Cisco's Firewall Zero-Day for Weeks Before Cisco Knew

CVE-2026-20131 in Cisco Secure Firewall Management Center carries the maximum possible CVSS score of 10.0 and allows unauthenticated remote attackers to execute arbitrary Java code as root via an insecure deserialization flaw. The Interlock ransomware group was exploiting it as a zero-day from January 26, 2026 โ€” more than a month before Cisco disclosed the vulnerability publicly โ€” using memory-resident web shells, custom JavaScript and Java remote access trojans, and Active Directory certificate abuse to move through victim networks.

 Routers Are Now the Riskiest Device in Your Network: The 2026 Connected Device Risk Report

Routers Are Now the Riskiest Device in Your Network: The 2026 Connected Device Risk Report

New research tracking connected device risk across IT, OT, IoT, and IoMT environments has named routers the single most dangerous device category in enterprise networks, averaging 32 vulnerabilities per device and accounting for roughly a third of all critical vulnerabilities found in corporate infrastructure. Forty percent of device types on the 2026 riskiest list are entirely new entries, and 75% were not on the list two years ago โ€” a pace of attack surface expansion that most security programs are not designed to absorb.

 Vercel Got Hacked Through an AI Tool's OAuth Token โ€” Every Enterprise Using Third-Party AI Has This Problem

Vercel Got Hacked Through an AI Tool's OAuth Token โ€” Every Enterprise Using Third-Party AI Has This Problem

Attackers breached Vercel by compromising Context.ai's Google Workspace OAuth application, stealing an employee's credentials and accessing customer data. The attack vector โ€” a trusted third-party AI tool with OAuth access to enterprise systems โ€” is present in thousands of organizations.

 Shadow AI Is Your Biggest Unmanaged IoT Problem โ€” And 76% of Organizations Already Have It

Shadow AI Is Your Biggest Unmanaged IoT Problem โ€” And 76% of Organizations Already Have It

Shadow AI has surged to 76% of organizations in 2026, up from 61% a year ago. AI agents now autonomously control IoT devices, access operational systems, and make decisions without security oversight. The result is a new category of unmanaged attack surface that most enterprise security teams aren't equipped to handle.

 165 Vulnerabilities, Zero-Day SharePoint Exploits, and AI Prompt Injection: Microsoft's April Patch Tuesday Is a Turning Point

165 Vulnerabilities, Zero-Day SharePoint Exploits, and AI Prompt Injection: Microsoft's April Patch Tuesday Is a Turning Point

Microsoft's April 2026 Patch Tuesday addressed 165 vulnerabilities โ€” including actively exploited SharePoint zero-days and, for the first time, AI prompt injection vulnerabilities in Microsoft 365 Copilot. The AI attack surface is officially on the patch list.

 Streamlining Enterprise Security for Multi-Location Organizations: Strategies and Best Practices

Streamlining Enterprise Security for Multi-Location Organizations: Strategies and Best Practices

Enhance security in large organizations with multiple locations and a small security team by implementing centralized security management and robust access control systems.

โ† All topics

Ask Sage ๐Ÿค–