cybersecurity

23 ClawHub plugins squatting official scopes expose AI registry security gaps

agentic AI, AI, cybersecurity, Don't miss, News, OpenClaw, research, Video /

23 ClawHub plugins squatting official scopes expose AI registry security gaps 2026-06-22 at 11:00 By Help Net Security Plugin registries for AI agents use npm-style scopes like @openclaw/ and @clawhub/ to signal who published a package. But on ClawHub, a registry whose plugins run with Claude, OpenClaw, and other agents, those official scopes weren’t reserved […]

23 ClawHub plugins squatting official scopes expose AI registry security gaps Read More »

Who pays when you gate cyber-capable AI models?

AI, CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy /

Who pays when you gate cyber-capable AI models? 2026-06-22 at 09:00 By Mirko Zorz In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down for

Who pays when you gate cyber-capable AI models? Read More »

Agent Beacon: Open-source telemetry layer for AI agents

agentic AI, AI, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, security telemetry, software /

Agent Beacon: Open-source telemetry layer for AI agents 2026-06-22 at 08:30 By Mirko Zorz AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for

Agent Beacon: Open-source telemetry layer for AI agents Read More »

Encrypted DNS still tells an eavesdropper where to look

cybersecurity, data analysis, DNS, Don't miss, Encryption, Features, Hot stuff, Internet of Things, network, News, packet analysis, Privacy, research /

Encrypted DNS still tells an eavesdropper where to look 2026-06-22 at 08:00 By Mirko Zorz Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext

Encrypted DNS still tells an eavesdropper where to look Read More »

Product showcase: Avira Security for iOS blends security, privacy, and device optimization

antivirus, Avira, cybersecurity, mobile security, News, Privacy, VPN /

Product showcase: Avira Security for iOS blends security, privacy, and device optimization 2026-06-22 at 07:30 By Anamarija Pogorelec Avira Mobile Security for iOS combines security, privacy, and device optimization tools in a single application. The app is also available for Android, macOS, and Windows devices. After downloading the application from the App Store users are

Product showcase: Avira Security for iOS blends security, privacy, and device optimization Read More »

Your browser tab could become encrypted storage for someone else’s files

browser, cybersecurity, data, Don't miss, Encryption, Features, Hot stuff, News, research, storage /

Your browser tab could become encrypted storage for someone else’s files 2026-06-19 at 08:30 By Mirko Zorz Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor at IENYC,

Your browser tab could become encrypted storage for someone else’s files Read More »

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem

cyber news, cybersecurity, darkweb, OSINT, phishing /

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem 2026-06-18 at 17:05 By Ashish Khaitan Executive Summary  The FIFA World Cup 2026 has become more than a global sporting event. It has evolved into a large-scale cybercrime opportunity exploited by threat actors through a coordinated ecosystem of fraudulent domains, social media channels, messaging platforms, pirated streaming

Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem Read More »

What happens to oversight when AI agents write a lab’s own code

agentic AI, AI, cybersecurity, Don't miss, News, research /

What happens to oversight when AI agents write a lab’s own code 2026-06-18 at 08:00 By Mirko Zorz Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure,

What happens to oversight when AI agents write a lab’s own code Read More »

France to stop certifying products lacking quantum-resistant encryption

Cryptography, cybersecurity, Latest News, quantum computing /

France to stop certifying products lacking quantum-resistant encryption 2026-06-18 at 07:06 By Felix Ng France’s cybersecurity agency plans to block certification of products without quantum-resistant encryption starting in 2027, with full adoption targeted for 2030. This article is an excerpt from Cointelegraph.com News View Original Source

France to stop certifying products lacking quantum-resistant encryption Read More »

Most agentic AI projects in production have stalled over data problems

AI, automation, Confluent, cybersecurity, data, LLMs, News, report /

Most agentic AI projects in production have stalled over data problems 2026-06-18 at 07:00 By Anamarija Pogorelec Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026,

Most agentic AI projects in production have stalled over data problems Read More »

Low-skilled attacker used Claude, Codex to breach 14 companies

agentic AI, attack, attack tools, Claude Code, cybersecurity, Don't miss, Hot stuff, LLMs, News, research /

Low-skilled attacker used Claude, Codex to breach 14 companies 2026-06-17 at 18:43 By Zeljka Zorz Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that out. After recovering and analyzing over 1,000 agent sessions from a compromised server

Low-skilled attacker used Claude, Codex to breach 14 companies Read More »

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls

Android, cybersecurity, Google, location tracking, News, Privacy, software development /

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls 2026-06-17 at 13:40 By Anamarija Pogorelec The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security and privacy updates Google has improved location privacy features so users can

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls Read More »

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects

Chainguard, cybersecurity, DevSecOps, Don't miss, News, open source, vulnerability management /

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects 2026-06-17 at 12:42 By Mirko Zorz Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard,

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects Read More »

The SOC’s visibility gap comes down to staffing

agentic AI, AI, cybersecurity, Don't miss, LLMs, News, SANS, security operations, SOC, survey, Threat Intelligence /

The SOC’s visibility gap comes down to staffing 2026-06-17 at 09:00 By Mirko Zorz AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools in their daily work. The catch shows up one layer down. Roughly a third

The SOC’s visibility gap comes down to staffing Read More »

The checklist problem behind critical infrastructure cyber safety

asset discovery, Compliance, critical infrastructure, cyber resilience, cyber risk, cybersecurity, Don't miss, Government, ICS/SCADA, News, policy, regulation, research, USA /

The checklist problem behind critical infrastructure cyber safety 2026-06-17 at 07:00 By Anamarija Pogorelec An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care for

The checklist problem behind critical infrastructure cyber safety Read More »

Software supply chains are heading for a transparency test

Compliance, cybersecurity, ENISA, EU, Europe, News, regulation, software development, supply chain /

Software supply chains are heading for a transparency test 2026-06-16 at 12:24 By Anamarija Pogorelec Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling,

Software supply chains are heading for a transparency test Read More »

Reachability makes AI threat modeling worth the trust

CXO, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, opinion, scanning, threat modeling, tips /

Reachability makes AI threat modeling worth the trust 2026-06-16 at 09:00 By Mirko Zorz In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks

Reachability makes AI threat modeling worth the trust Read More »

Onspring CISO on where automated GRC systems fall short

automation, CISO, cyber risk, cybersecurity, Don't miss, Features, GRC, Hot stuff, monitoring, News, opinion, Risk Management /

Onspring CISO on where automated GRC systems fall short 2026-06-15 at 09:00 By Mirko Zorz In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their

Onspring CISO on where automated GRC systems fall short Read More »

How to use NIST and ISO frameworks to govern AI agents

agentic AI, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, News, NIST, opinion, Token Security /

How to use NIST and ISO frameworks to govern AI agents 2026-06-12 at 11:07 By Help Net Security Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke

How to use NIST and ISO frameworks to govern AI agents Read More »

The assembly line behind 1.5 million malicious domains

AWS, Cloudflare, cybercrime, cybersecurity, domain information, Don't miss, News, research, threats, VirusTotal /

The assembly line behind 1.5 million malicious domains 2026-06-12 at 11:07 By Anamarija Pogorelec Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars,

The assembly line behind 1.5 million malicious domains Read More »

Scroll to Top