cybersecurity

Rocky Linux launches opt-in security repository for urgent fixes

Rocky Linux launches opt-in security repository for urgent fixes 2026-05-15 at 14:32 By Sinisa Markovic Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The […]

Rocky Linux launches opt-in security repository for urgent fixes Read More »

Deepfake detection is losing ground to generative models

Deepfake detection is losing ground to generative models 2026-05-15 at 09:04 By Sinisa Markovic Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic? Commercial detectors analyze pixels, frequencies, and biometric signals to answer that question, and the best of

Deepfake detection is losing ground to generative models Read More »

AI cyber capability is speeding past earlier projections

AI cyber capability is speeding past earlier projections 2026-05-14 at 12:48 By Sinisa Markovic AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capability using “time horizon benchmarks”, which estimate how long AI systems can complete cybersecurity

AI cyber capability is speeding past earlier projections Read More »

Vector embedding security gap exposes enterprise AI pipelines

Vector embedding security gap exposes enterprise AI pipelines 2026-05-14 at 08:30 By Mirko Zorz Enterprise adoption of retrieval-augmented generation has moved sensitive corporate content into a new storage format that existing security tools cannot inspect. Companies deploying internal AI assistants convert documents into high-dimensional numerical vectors and ship them to embedding services and vector databases

Vector embedding security gap exposes enterprise AI pipelines Read More »

Closing the AI governance gap in your enterprise

Closing the AI governance gap in your enterprise 2026-05-14 at 08:00 By Help Net Security In this Help Net Security video, Casey Bleeker, CEO at SurePath AI, talks about the AI governance gap that exists in almost every organization. Drawing from three years of conversations with IT, business, and security leaders, Casey explains why AI

Closing the AI governance gap in your enterprise Read More »

Over 70% of organizations hit by identity breaches

Over 70% of organizations hit by identity breaches 2026-05-14 at 07:30 By Anamarija Pogorelec Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach?

Over 70% of organizations hit by identity breaches Read More »

Machine identities outnumber humans 109 to 1

Machine identities outnumber humans 109 to 1 2026-05-14 at 07:00 By Anamarija Pogorelec Organizations manage an average of 109 machine identities for every human identity. AI agents account for a growing share of those identities, with companies expecting AI agent growth of 85% over the next 12 months. Machine identities are projected to increase by

Machine identities outnumber humans 109 to 1 Read More »

Signal responds to phishing attacks with new in-app security warnings

Signal responds to phishing attacks with new in-app security warnings 2026-05-13 at 16:08 By Sinisa Markovic Signal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that Signal had become a primary target of Russian intelligence-linked hackers. Dutch and German security

Signal responds to phishing attacks with new in-app security warnings Read More »

Fedora Hummingbird brings the container security model to a Linux host OS

Fedora Hummingbird brings the container security model to a Linux host OS 2026-05-13 at 02:05 By Anamarija Pogorelec Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is now applying that same approach to the host operating system. At Red Hat

Fedora Hummingbird brings the container security model to a Linux host OS Read More »

OpenAI’s Daybreak uses Codex Security to identify risky attack paths

OpenAI’s Daybreak uses Codex Security to identify risky attack paths 2026-05-12 at 11:38 By Anamarija Pogorelec OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI models, Codex Security, and cyber-focused GPT-5.5 variants to help organizations identify, validate, and prioritize software vulnerabilities.

OpenAI’s Daybreak uses Codex Security to identify risky attack paths Read More »

Linux developers weigh emergency “killswitch” for vulnerable kernel functions

Linux developers weigh emergency “killswitch” for vulnerable kernel functions 2026-05-11 at 16:48 By Zeljka Zorz Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable kernel functions at runtime. The proposal, submitted by Linux kernel developer/maintainer Sasha Levin, arrives in the wake of the

Linux developers weigh emergency “killswitch” for vulnerable kernel functions Read More »

Google researchers uncover criminal zero-day exploit likely built with AI

Google researchers uncover criminal zero-day exploit likely built with AI 2026-05-11 at 16:48 By Mirko Zorz Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source web-based system administration tool. It allowed attackers to bypass two-factor authentication once they had valid user credentials.

Google researchers uncover criminal zero-day exploit likely built with AI Read More »

The scam economy has found its AI upgrade

The scam economy has found its AI upgrade 2026-05-11 at 12:32 By Anamarija Pogorelec Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly, according

The scam economy has found its AI upgrade Read More »

Security teams are turning to AI to survive alert overload

Security teams are turning to AI to survive alert overload 2026-05-11 at 08:18 By Anamarija Pogorelec The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with

Security teams are turning to AI to survive alert overload Read More »

Dirty Frag: Unpatched Linux vulnerability delivers root access

Dirty Frag: Unpatched Linux vulnerability delivers root access 2026-05-08 at 18:03 By Zeljka Zorz A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag In effect, Dirty Frag refers to two flaws: A xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284, aka

Dirty Frag: Unpatched Linux vulnerability delivers root access Read More »

Your coworker might be selling company logins, and thinks it’s fine

Your coworker might be selling company logins, and thinks it’s fine 2026-05-08 at 08:17 By Anamarija Pogorelec Employee behavior once considered unacceptable is becoming tolerated across various industries, particularly in IT and telecommunications, and at all levels of seniority, including leadership. Cifas Workplace Fraud Trends research, based on a survey of 2,000 UK employees working

Your coworker might be selling company logins, and thinks it’s fine Read More »

One keypress is all it takes to compromise four AI coding tools

One keypress is all it takes to compromise four AI coding tools 2026-05-08 at 01:14 By Mirko Zorz Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The convention is old and reasonable: you look at what’s inside before you

One keypress is all it takes to compromise four AI coding tools Read More »

One in four MCP servers opens AI agent security to code execution risk

One in four MCP servers opens AI agent security to code execution risk 2026-05-05 at 13:21 By Anamarija Pogorelec Enterprise deployments of AI agents lean on two extension mechanisms that introduce risk at different layers of the stack. MCP servers expose deterministic code functions with structured, loggable invocations. Skills load textual instruction sets directly into

One in four MCP servers opens AI agent security to code execution risk Read More »

Can your coding style predict whether your code is vulnerable?

Can your coding style predict whether your code is vulnerable? 2026-05-05 at 13:21 By Sinisa Markovic Developers leave fingerprints in the code they write. Naming choices, indentation patterns, preferred APIs, and the way someone structures a loop or handles a pointer all carry traces of individual habit. Researchers have used these stylistic signals for years

Can your coding style predict whether your code is vulnerable? Read More »

Pipelock: Open-source AI agent firewall

Pipelock: Open-source AI agent firewall 2026-05-04 at 09:46 By Mirko Zorz AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one compromised tool call can leak credentials to an attacker-controlled domain. Pipelock, an open-source security harness developed by Joshua Waldrep under

Pipelock: Open-source AI agent firewall Read More »

Scroll to Top