CISOs grapple with AI demands within flat budgets 2026-04-06 at 09:16 By Anamarija Pogorelec Security spending continues to edge upward across large organizations, though the changes remain gradual and tightly managed. The 2026 RH-ISAC CISO Benchmark reflects a steady environment where budgets expand in small steps, even as AI becomes a routine part of security […]
CISOs grapple with AI demands within flat budgets Read More »
Microsoft releases open-source toolkit to govern autonomous AI agents 2026-04-03 at 08:39 By Anamarija Pogorelec AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to
Microsoft releases open-source toolkit to govern autonomous AI agents Read More »
Click, wait, repeat: Digital trust erodes one login at a time 2026-04-03 at 07:58 By Anamarija Pogorelec Sign-up forms that drag on, login steps that repeat, and access requests that take longer than expected have become a normal part of using digital services. These moments rarely stand out on their own, and over time they
Click, wait, repeat: Digital trust erodes one login at a time Read More »
New infosec products of the month: March 2026 2026-04-03 at 07:02 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from Beazley, Bonfy.AI, Mend.io, Mimecast, NinjaOne, Novee, Intel 471, Singulr AI, Stellar Cyber, Teleport, and Vicarius. Beazley Exposure Management platform identifies external exposures and prioritizes cyber risk
New infosec products of the month: March 2026 Read More »
Trust, friction, and ROI: A CISO’s take on making security work for the business 2026-04-02 at 08:42 By Mirko Zorz In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A
Trust, friction, and ROI: A CISO’s take on making security work for the business Read More »
Mimecast makes enterprise email security deployable in minutes 2026-04-01 at 10:34 By Mirko Zorz Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the
Mimecast makes enterprise email security deployable in minutes Read More »
Malware detectors trained on one dataset often stumble on another 2026-04-01 at 07:05 By Anamarija Pogorelec Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases
Malware detectors trained on one dataset often stumble on another Read More »
Crypto industry may be running out of time to prepare for quantum attacks 2026-03-31 at 22:44 By Sinisa Markovic Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google examines risks to elliptic curve cryptography, the system securing most blockchain networks. The researchers
Crypto industry may be running out of time to prepare for quantum attacks Read More »
Amazon sends AI agents into pen testing and DevOps 2026-03-31 at 20:31 By Sinisa Markovic Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to
Amazon sends AI agents into pen testing and DevOps Read More »
Apple counters ClickFix attacks with macOS Terminal warning 2026-03-31 at 16:05 By Sinisa Markovic Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run malicious
Apple counters ClickFix attacks with macOS Terminal warning Read More »
Why I’m done calling humans the weakest link 2026-03-31 at 11:22 By Help Net Security Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners
Why I’m done calling humans the weakest link Read More »
The art of making technical risk make sense to executives 2026-03-31 at 11:21 By Help Net Security In this Help Net Security video, Jay Miller, CISO at Paessler, explains how security leaders can communicate technical risk to executives and board members in terms they understand. The focus is on business impact: financial loss, compliance fines,
The art of making technical risk make sense to executives Read More »
Hottest cybersecurity open-source tools of the month: March 2026 2026-03-31 at 07:37 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses
Hottest cybersecurity open-source tools of the month: March 2026 Read More »
Why risk alone doesn’t get you to yes 2026-03-30 at 09:29 By Help Net Security I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting
Why risk alone doesn’t get you to yes Read More »
Don’t count on government guidance after a smart home breach 2026-03-30 at 07:30 By Sinisa Markovic People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are often unclear. Researchers reviewing government cybersecurity advice in 11 countries found that most guidance focuses on
Don’t count on government guidance after a smart home breach Read More »
Breaking out: Can AI agents escape their sandboxes? 2026-03-30 at 07:30 By Anamarija Pogorelec Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the host. The SandboxEscapeBench benchmark, developed by researchers at the University of Oxford
Breaking out: Can AI agents escape their sandboxes? Read More »
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure 2026-03-27 at 20:33 By Anamarija Pogorelec Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure Read More »
China’s APT41 and the Expanding Enterprise Attack Surface: What Security Teams Must Prepare For 2026-03-27 at 16:01 By Ashish Khaitan The modern enterprise attack surface is no longer confined to corporate networks and endpoints; it now stretches across cloud workloads, supply chains, remote devices, and even operational technology environments. Within this fragmented landscape, the activities
The Energy Sector’s Ransomware Nightmare: Why Critical Infrastructure Can’t Catch a Break 2026-03-26 at 12:32 By Ashish Khaitan Let’s talk about the sector that keeps our lights on, water running, and industries humming—and why it’s become ransomware’s favorite target. In 2025, the global energy and utilities sector faced 187 confirmed ransomware attacks. Not attempts. Confirmed, successful intrusions where attackers locked systems, stole
Your facilities run on fragile supply chains and nobody wants to admit it 2026-03-26 at 12:32 By Mirko Zorz In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building systems. She explains how sourcing, localized redundancy, and flexible infrastructure design are
Your facilities run on fragile supply chains and nobody wants to admit it Read More »