The $19.5 million insider risk problem

2026-02-26 at 09:09 By Mirko Zorz

Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one […]

Open-source security debt grows across commercial software

2026-02-26 at 08:36 By Mirko Zorz

Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts

Review: Digital Forensics, Investigation, and Response, 5th Edition

2026-02-26 at 08:01 By Mirko Zorz

Digital Forensics, Investigation, and Response, 5th Edition presents a structured survey of the digital forensics discipline. The book spans foundational principles, platform specific analysis, specialized branches, and incident response integration.

About the author

Chuck Easttom has many years of practical experience

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities

2026-02-26 at 07:35 By Mirko Zorz

In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in

Hottest cybersecurity open-source tools of the month: February 2026

2026-02-26 at 07:07 By Anamarija Pogorelec

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments.

Pompelmi: Open-source secure file upload scanning for Node.js

Software teams building services in JavaScript are adding more layers of defense to handle

Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127)

2026-02-25 at 19:04 By Zeljka Zorz

A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said

Fake Zoom meeting leads to silent install of surveillance software

2026-02-25 at 18:16 By Zeljka Zorz

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12

SolarWinds Serv-U hit by four critical RCE-level vulnerabilities

2026-02-25 at 13:55 By Zeljka Zorz

SolarWinds has fixed four critical vulnerabilities in its popular Serv-U file transfer solution, which is used by businesses and organizations of all sizes. If exploited, the flaws may allow attackers to create a system admin user and/or execute code as a

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

2026-02-25 at 12:14 By Zeljka Zorz

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused

Cyber valuations climb as capital concentrates, AI security expands

2026-02-25 at 08:59 By Sinisa Markovic

Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into

Microsoft adds domain libraries and Copilot integration to the quantum development kit

2026-02-25 at 08:05 By Anamarija Pogorelec

The Microsoft Quantum Development Kit (QDK) is an open-source toolkit that runs on laptops and in common development environments. It includes code, simulators, libraries, and workflows that work with Visual Studio Code and GitHub Copilot. Integration with

Airline brands become launchpads for phishing, crypto fraud

2026-02-25 at 08:05 By Sinisa Markovic

Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike domains tied to these brands, targeting travelers, employees, and business partners. Recent threat intelligence from BforeAI’s

Self-spreading npm malware targets developers in new supply chain attack

2026-02-24 at 15:10 By Zeljka Zorz

Security researchers have uncovered another supply chain attack targeting developers: 19 typosquatting npm packages published on npmjs.com that steal credentials, infect projects, and propagate themselves across developer environments. The operation, dubbed “SANDWORM_MODE,” represents a (still) rare example of worm-like

Microsoft extends security patching for three Windows products at a price

2026-02-24 at 11:38 By Sinisa Markovic

Support is ending for three Windows products released in 2016, with deadlines beginning in October 2026. Windows 10 Enterprise LTSB 2016 and Windows 10 IoT Enterprise 2016 LTSB will reach end of support on October 13, 2026, followed

AI is becoming part of everyday criminal workflows

2026-02-24 at 09:00 By Mirko Zorz

Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined conversations captured between January 1, 2025 and July 31, 2025 across dozens of cybercrime forums to map how AI

Ransomware group breached SmarterTools via flaw in its SmarterMail deployment

2026-02-09 at 17:18 By Zeljka Zorz

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution.

How did the SmarterTools breach happen?

Derek Curtis, the firm’s Chief Operating Officer,

European Commission hit by cyberattackers targeting mobile management platform

2026-02-09 at 16:02 By Zeljka Zorz

The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday. The intrusion was detected on January 30, 2026, by CERT-EU, the

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)

2026-02-09 at 13:36 By Zeljka Zorz

BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon as possible. Unlike the Remote Support zero-day

United Airlines CISO on building resilience when disruption is inevitable

2026-02-09 at 09:09 By Mirko Zorz

Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview,

Allama: Open-source AI security automation

2026-02-09 at 08:19 By Sinisa Markovic

Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing
