Browsing Tag
Enterprise Security
17 posts
Security issues affecting enterprise software, IT systems, identity, observability, and business infrastructure.
F5’s Emergency NGINX Patches Put Web Server Teams on a Fast Upgrade Clock
F5 issued out-of-band NGINX updates for flaws affecting HTTP/3, proxy protocol, gRPC, Gateway Fabric, and related products. Teams running internet-facing NGINX should check versions, exposed modules, Kubernetes ingress paths, and temporary mitigations before treating this as routine patching.
Accenture’s Dragos Deal Puts OT Security on an AI Threat Clock
Accenture agreed to take a majority stake in Dragos and buy runZero and NetRise, creating a $4.175 billion bet on operational technology security as AI and geopolitical risk push industrial systems onto the cybersecurity agenda.
HPE Turns Juniper Into the Network Layer for AI Factories
HPE used Discover 2026 to fold Juniper deeper into its AI data center strategy, adding QFX switches for inference and AMD Helios, Mist and Marvis AIOps updates, and SASE controls for self-driving networks.
LiteSpeed cPanel Flaw Puts Shared Hosting Servers on CISA’s Patch Clock
CISA added CVE-2026-54420, an actively exploited LiteSpeed cPanel plugin flaw, to its Known Exploited Vulnerabilities catalog. Shared hosting providers running CloudLinux or CageFS should move to the fixed plugin versions, check cPanel logs, and treat suspicious access as a possible root-level incident.
NewCore’s $66M Launch Puts AI Agents Inside the Identity Stack
NewCore emerged from stealth with $66 million and an identity-security platform built for AI agents. The launch shows why enterprises need agent identities, revocation paths, and access controls before autonomous tools touch production systems.
Oracle PeopleSoft Zero-Day Turns ERP Servers Into an Incident Response Priority
Oracle’s CVE-2026-35273 alert, CISA’s exploited-vulnerability listing, and Mandiant’s ShinyHunters findings make PeopleSoft patching only the first step. Exposed systems need log review, endpoint checks, and network hardening now.
Splunk Enterprise Flaw Hits CISA’s Exploited-Vulnerability List
CISA added CVE-2026-20253 to its Known Exploited Vulnerabilities catalog after evidence of active exploitation, and Splunk now says it is aware of limited exploitation. Affected self-managed Splunk Enterprise 10.0 and 10.2 systems should upgrade or carefully apply the PostgreSQL sidecar mitigation.