2026

Anthropic’s magic code-sniffer: More Swiss cheese than cheddar, for now

Anthropic’s magic code-sniffer: More Swiss cheese than cheddar, for now 2026-04-27 at 11:49 By Rupert Goodwins AI vuln-hunter finds what humans taught it to find. Funny that Opinion  In retrospect, calling it Mythos made it a hostage to fortune. Anthropic may have hoped that the name implied its AI code security model had mythical god-like […]

Anthropic’s magic code-sniffer: More Swiss cheese than cheddar, for now Read More »

Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks

Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks 2026-04-27 at 11:49 By Industry News Aptori has expanded its Runtime-Driven Validation Platform with autonomous offensive testing capabilities to address the growing gap between code output and security team capacity. By moving beyond passive scanning to active validation, the platform helps organizations identify,

Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks Read More »

Firefox Vulnerability Allows Tor User Fingerprinting

Firefox Vulnerability Allows Tor User Fingerprinting 2026-04-27 at 11:49 By Eduard Kovacs The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Firefox Vulnerability Allows Tor User Fingerprinting Read More »

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud 2026-04-27 at 11:48 By Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat

Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud Read More »

Your IAM was built for humans, AI agents don’t care

Your IAM was built for humans, AI agents don’t care 2026-04-27 at 11:18 By Help Net Security Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to decide what someone could do. That model served enterprises well

Your IAM was built for humans, AI agents don’t care Read More »

The AI criminal mastermind is already hiring on gig platforms

The AI criminal mastermind is already hiring on gig platforms 2026-04-27 at 10:30 By Mirko Zorz Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model Context Protocol server, allowing an agent to post gigs

The AI criminal mastermind is already hiring on gig platforms Read More »

25 open-source cybersecurity tools that don’t care about your budget

25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond

25 open-source cybersecurity tools that don’t care about your budget Read More »

Product showcase: LuLu reveals unauthorized outbound connections from Mac apps

Product showcase: LuLu reveals unauthorized outbound connections from Mac apps 2026-04-27 at 07:03 By Anamarija Pogorelec LuLu is a free, open-source firewall for macOS that lets you control which apps are allowed to send data from your computer. macOS includes a built-in firewall, but it mainly handles incoming connections. LuLu also monitors outgoing traffic. Installing

Product showcase: LuLu reveals unauthorized outbound connections from Mac apps Read More »

Google Cloud Next proves what we suspected: Everything is AI now

Google Cloud Next proves what we suspected: Everything is AI now 2026-04-27 at 04:57 By Brandon Vigliarolo Join us for this week’s Kettle as we dive into GCN and the latest not-so-alarming revelations about Mythos KETTLE  If you needed further evidence that AI comes first in pretty much everything nowadays, look no further than this

Google Cloud Next proves what we suspected: Everything is AI now Read More »

Go straight to sell! Windows second-chance setup hawks Microsoft services at IT’s expense

Go straight to sell! Windows second-chance setup hawks Microsoft services at IT’s expense 2026-04-26 at 15:06 By Avram Piltch The OS trying to upsell you subscriptions is more than just an annoyance opinion  You’ve had your laptop for months, and you’ve always made sure it installed Microsoft updates. Then one day you boot up, and

Go straight to sell! Windows second-chance setup hawks Microsoft services at IT’s expense Read More »

Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach

Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach 2026-04-26 at 12:27 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines Boost Security has released SmokedMeat, an open-source framework that runs attack chains

Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach Read More »

Ex-AWS legend explains what enterprises need to make AI actually work

Ex-AWS legend explains what enterprises need to make AI actually work 2026-04-25 at 17:17 By Thomas Claburn AI transformation is about people and organization, not technology Enterprise AI projects go off the rails when companies focus on the technology instead of the people.… This article is an excerpt from The Register View Original Source

Ex-AWS legend explains what enterprises need to make AI actually work Read More »

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks 2026-04-25 at 14:57 By Ionut Arghire Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks Read More »

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data 2026-04-25 at 12:49 By Jessica Lyons Coming in cold with custom Snow malware A previously unknown threat group using tried-and-tested social engineering tactics – Microsoft Teams chat invitations and helpdesk staff impersonation – is also using custom malware in its data-stealing attacks, according

Crime crew impersonates help desk, abuses Microsoft Teams to steal your data Read More »

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software 2026-04-25 at 12:48 By Cybersecurity researchers have discovered a new Lua-based malware created years before the notorious Stuxnet worm that aimed to sabotage Iran’s nuclear program by destroying uranium enrichment centrifuges. According to a new report published by SentinelOne, the previously undocumented cyber sabotage framework dates back

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software Read More »

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline 2026-04-25 at 11:19 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added four vulnerabilities impacting SimpleHelp, Samsung MagicINFO 9 Server, and D-Link DIR-823X series routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of

CISA Adds 4 Exploited Flaws to KEV, Sets May 2026 Federal Deadline Read More »

DeepSeek’s new models are so efficient they’ll run on a toaster … by which we mean Huawei’s NPUs

DeepSeek’s new models are so efficient they’ll run on a toaster … by which we mean Huawei’s NPUs 2026-04-25 at 01:03 By Tobias Mann Now available in preview, DeepSeek V4 cuts inference costs to a fraction of R1 Chinese AI darling DeepSeek is back with a new open weights large language model that promises performance

DeepSeek’s new models are so efficient they’ll run on a toaster … by which we mean Huawei’s NPUs Read More »

Tesla’s Cybercab robotaxi has entered production, Elon Musk says

Tesla’s Cybercab robotaxi has entered production, Elon Musk says 2026-04-24 at 23:27 By Thomas Barrabi Splashy promotional videos shared on X by Tesla and Musk showed the robotaxi, which doesn’t have a steering wheel or pedals, drive itself off the factory floor at the company’s Gigafactory in Austin, Texas. This article is an excerpt from

Tesla’s Cybercab robotaxi has entered production, Elon Musk says Read More »

Scroll to Top