Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

STARDUST CHOLLIMA Likely Compromises Axios npm Package

On March 31, 2026, a threat actor used stolen maintainer credentials to compromise the widely used HTTP client library Axios Node Package Manager (npm) package and deploy platform-specific ZshBucket variants. CrowdStrike Counter Adversary Operations attributes this activity to STARDUST CHOLLIMA with moderate confidence based on the adversary’s deployment of updated variants of ZshBucket (malware uniquely attributed to STARDUST CHOLLIMA) and overlaps with known STARDUST CHOLLIMA infrastructure.

March Release Rollup: Egnyte MCP Server Controls, Egnyte Sign Enhancements, and More

We’re excited to share new updates and enhancements for March, including: For more info on these updates, check out the list below and dive into the detailed articles. Please join the Egnyte Community to get the latest updates, chat with experts, share feedback, and learn from other users.

DSPM, DLP, and AI Security: Why You Need All Three

Security budgets are tightening, and tool consolidation reviews keep landing on the same three categories: data security posture management (DSPM), data loss prevention (DLP), and AI security. At the same time, vendor marketing has done little to clarify the differences among the three and the path for organizations needing to enhance data security efficiently.

Proven incident response and business continuity strategy

From cybersecurity breaches to natural disasters, disruptive events can occur suddenly and without warning. As a result, it is crucial for organizations to develop resilient plans that not only respond to incidents in real time but also ensure long-term operational survivability. This article examines the concepts of incident response and business continuity, exploring their differences and similarities while offering practical strategies to integrate them into a cohesive operational plan.

BitLocker Encryption Management for Windows Devices

Every Windows laptop used in your organization carries sensitive data: customer records, internal documents, credentials, and intellectual property. If even one of those devices is lost or stolen without encryption, the consequences can be severe. According to industry insights, over 70% of data breaches originate at endpoint devices, highlighting the growing risk posed by unmanaged devices.

10 Fantastic SSO Platforms for the Best Enterprise Security

In 2026, Single Sign-On (SSO) is no longer just a convenience feature. It has become a foundational pillar of enterprise security, user experience, and IT governance. As organizations accelerate cloud adoption and expand their SaaS ecosystems, the demand for the best SSO solutions has never been higher.

The Sword Has Been Drawn: What DarkSword's Expansion in the Wild Means for Mobile Security and the Enterprise

The last few weeks have marked a chaotic turning point in the mobile threat landscape. We’ve seen mass exploitations across numerous iOS versions by multiple threat actors, driven by sophisticated exploit chains like Coruna and now DarkSword. What makes these threats different is not just their activity, but their trajectory. Until recently, these capabilities were expensive, highly secretive, and limited to a small number of advanced actors. Now, that dynamic has shifted rapidly.

Sovereign Cloud vs Public Cloud: A Side-by-Side Technical Comparison

Cloud adoption is no longer a binary decision. Most enterprises already use public cloud in some form. The real question in 2026 is whether that model satisfies growing requirements around data residency, regulatory compliance, and jurisdictional control. Sovereign cloud has emerged as a response to those pressures. It is designed to ensure that data, infrastructure, and operational control remain within a defined legal boundary. For organizations operating in regulated industries or across multiple jurisdictions, that distinction has become critical.