Black Hat Asia 2026 Is Coming to Singapore — Here’s What the Threat Landscape Looks Like Ahead of It 2026-04-13 at 16:17 By Ashish Khaitan As the cybersecurity community prepares for Black Hat Asia 2026 Singapore, the conversation is shifting from isolated incidents to systemic risk. The Black Hat Asia 2026 conference arrives at a […]
Google makes it harder to exploit Pixel 10 modem firmware 2026-04-13 at 15:44 By Sinisa Markovic Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced
Google makes it harder to exploit Pixel 10 modem firmware Read More »
Seized VerifTools servers expose 915,655 fake IDs, 8 arrested 2026-04-13 at 13:22 By Anamarija Pogorelec On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud,
Seized VerifTools servers expose 915,655 fake IDs, 8 arrested Read More »
Fixing vulnerability data quality requires fixing the architecture first 2026-04-13 at 09:02 By Mirko Zorz In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce
Fixing vulnerability data quality requires fixing the architecture first Read More »
Bringing governance and visibility to machine and AI identities 2026-04-13 at 07:32 By Mirko Zorz In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and
Bringing governance and visibility to machine and AI identities Read More »
When Geopolitical Conflict Spills into Cyberspace — How US Organizations Should Respond 2026-04-10 at 17:22 By Ashish Khaitan Modern conflict no longer begins with troops crossing borders; it often starts with packets crossing networks. For example, the escalation on February 28, 2026, involving Iran, the United States, and Israel gives insights on how quickly geopolitical cyber threats can evolve into
When Geopolitical Conflict Spills into Cyberspace — How US Organizations Should Respond Read More »
Little Snitch for Linux shows what your apps are connecting to 2026-04-10 at 11:48 By Mirko Zorz Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were designed for server security rather than desktop privacy. Objective Development,
Little Snitch for Linux shows what your apps are connecting to Read More »
April 2026 Patch Tuesday forecast: Spring-cleaning of a preview 2026-04-10 at 10:37 By Help Net Security I just blinked and the first quarter of the year is GONE. Where does the time go? I looked back at my article from last month where I touched on the use of AI and some of the vulnerabilities
April 2026 Patch Tuesday forecast: Spring-cleaning of a preview Read More »
What vibe hunting gets right about AI threat hunting, and where it breaks down 2026-04-10 at 08:57 By Mirko Zorz In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfront, the AI
What vibe hunting gets right about AI threat hunting, and where it breaks down Read More »
The Week in Vulnerabilities: OpenClaw, FreeBSD, F5 BIG-IP, and Critical ICS Bugs 2026-04-09 at 14:24 By Mihir Bagwe Cyble Research & Intelligence Labs (CRIL) weekly vulnerability report tracked 1,960 vulnerabilities last week, reflecting a continued surge in vulnerability disclosures across enterprise and cloud ecosystems. Of these, 248 vulnerabilities have publicly available Proof-of-Concept (PoC) exploits, significantly
The Week in Vulnerabilities: OpenClaw, FreeBSD, F5 BIG-IP, and Critical ICS Bugs Read More »
AI agent intent is a starting point, not a security strategy 2026-04-09 at 08:53 By Mirko Zorz In this Help Net Security video, Itamar Apelblat, CEO of Token Security, walks through findings from the company’s research, which shows that 65% of agentic chatbots have never been used yet still hold live access credentials. He explains
AI agent intent is a starting point, not a security strategy Read More »
Asqav: Open-source SDK for AI agent governance 2026-04-09 at 08:27 By Mirko Zorz AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the MIT license, addresses that gap by attaching a cryptographic signature to each agent action
Asqav: Open-source SDK for AI agent governance Read More »
Dual-Brain Architecture: The Cybersecurity AI Innovation That Changes Everything 2026-04-08 at 15:45 By Ashish Khaitan Cybersecurity has always been a race, but it is no longer a fair one. Attackers now operate at machine speed, orchestrating campaigns that evolve in seconds, while many defense teams still rely on workflows measured in hours or days. This widening gap
Dual-Brain Architecture: The Cybersecurity AI Innovation That Changes Everything Read More »
Iranian cyber activity hits US energy, water, and government networks 2026-04-08 at 15:06 By Anamarija Pogorelec U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell Automation and Allen-Bradley, across multiple critical infrastructure sectors. The activity has been attributed to Iranian-affiliated APT actors
Iranian cyber activity hits US energy, water, and government networks Read More »
What managing partners should ask AI vendors before signing any contract 2026-04-08 at 09:28 By Mirko Zorz In this Help Net Security interview, Kumar Ravi is the Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quietly and
What managing partners should ask AI vendors before signing any contract Read More »
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR 2026-04-07 at 12:01 By Anamarija Pogorelec Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of compliance platforms have moved to automate
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR Read More »
The case for fixing CWE weakness patterns instead of patching one bug at a time 2026-04-07 at 09:24 By Mirko Zorz In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in vulnerability disclosure. More CVE records now include CWE mappings
The case for fixing CWE weakness patterns instead of patching one bug at a time Read More »
UK Businesses Are Being Targeted Through Their Middle East Supply Chains — What to Do Now 2026-04-06 at 15:32 By Ashish Khaitan The conversation around cyber risk in the UK has shifted. It is no longer confined to domestic networks, internal systems, or even direct attacks on British infrastructure. The weak link sits thousands of
Residential proxies make a mockery of IP-based defenses 2026-04-06 at 09:16 By Sinisa Markovic Attack traffic moved through ordinary home and mobile connections in ways that limited the usefulness of IP reputation on its own. GreyNoise observed 4 billion malicious sessions during a 90-day period and described activity that appeared indistinguishable from normal user traffic
Residential proxies make a mockery of IP-based defenses Read More »
IT talent looks the other way as wireless security incidents pile up 2026-04-06 at 09:16 By Sinisa Markovic Enterprise wireless networks are supporting a growing mix of devices and applications, increasing operational demand and security exposure. The 2026 Cisco State of Wireless report reflects these conditions through rising incident rates, higher costs, and ongoing staffing
IT talent looks the other way as wireless security incidents pile up Read More »