Don’t miss

Initial access broker pleads guilty to selling access to 50 corporate networks

CloudSEK, court, cybercrime, cybercriminals, Don't miss, FBI, Hot stuff, initial access broker, News /

Initial access broker pleads guilty to selling access to 50 corporate networks 2026-01-20 at 15:43 By Zeljka Zorz A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty […]

Initial access broker pleads guilty to selling access to 50 corporate networks Read More »

Confusion and fear send people to Reddit for cybersecurity advice

Don't miss, Europol, Features, Google, Hot stuff, Incogni, Malwarebytes, News, Privacy, research, scams /

Confusion and fear send people to Reddit for cybersecurity advice 2026-01-20 at 09:00 By Sinisa Markovic A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these moments hit, many people do the same thing. They

Confusion and fear send people to Reddit for cybersecurity advice Read More »

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers

cybersecurity, Don't miss, iOS, iPhone, News, Privacy, Product showcase, software /

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers 2026-01-20 at 08:06 By Anamarija Pogorelec Every interaction online, from signing up for a newsletter to making a purchase, leaves a trace. These traces are collected by data brokers and resold to advertisers, analytics firms, or, in some cases, criminals

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

browser, Chrome, Chrome Web Store, Don't miss, enterprise, extension, Hot stuff, Huntress, Microsoft Edge, News, Remote Access Trojan, social engineering, Socket /

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

Law enforcement tracks ransomware group blamed for massive financial losses

cybercrime, Don't miss, Europol, Interpol, law enforcement, News, Ransomware, Ukraine /

Law enforcement tracks ransomware group blamed for massive financial losses 2026-01-19 at 14:00 By Sinisa Markovic Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Search (Source: Cyber ​​Police of Ukraine) Investigators also named the alleged organizer, a Russian national, and

Law enforcement tracks ransomware group blamed for massive financial losses Read More »

Global tensions are pushing cyber activity toward dangerous territory

critical infrastructure, cybersecurity, disinformation, Don't miss, Features, Hot stuff, News, strategy, World Economic Forum /

Global tensions are pushing cyber activity toward dangerous territory 2026-01-19 at 09:48 By Sinisa Markovic Cybersecurity is inseparable from geopolitics. Ongoing conflicts, sanctions, trade wars, geoeconomic rivalry, and technological competition have pushed state competition into cyberspace. States use cyber operations to exert pressure on rivals, enabling disruption without resorting to conventional weapons. Infrastructure vulnerabilities in

Global tensions are pushing cyber activity toward dangerous territory Read More »

Bytebase: Open-source database DevOps tool

DevOps, Don't miss, GitHub, News, software /

Bytebase: Open-source database DevOps tool 2026-01-19 at 09:19 By Sinisa Markovic Bytebase is a DevOps platform for managing database schema and data changes through a structured workflow. It provides a central place for teams to submit change requests, run reviews, and track executions across environments. The open-source edition is designed for organizations that want to

Bytebase: Open-source database DevOps tool Read More »

Review: AI Strategy and Security

Artificial Intelligence, books, CISO, cybersecurity, Don't miss, News, Review, Reviews /

Review: AI Strategy and Security 2026-01-19 at 09:00 By Mirko Zorz AI Strategy and Security is a guide for organizations planning enterprise AI programs. The book targets technology leaders, security professionals, and executives responsible for strategy, governance, and operational execution. It treats AI adoption as an organizational discipline that spans planning, staffing, security engineering, risk

Review: AI Strategy and Security Read More »

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)

APT, backdoor, China, Cisco, cyber espionage, Don't miss, email security, enterprise, Hot stuff, News /

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) 2026-01-16 at 17:05 By Zeljka Zorz Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been exploited as a zero-day by suspected Chinese attackers since at

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) Read More »

Product showcase: Penetration test reporting with PentestPad

cybersecurity, Don't miss, News, penetration testing, Product showcase /

Product showcase: Penetration test reporting with PentestPad 2026-01-16 at 09:57 By Help Net Security If you’ve done a pentest before, you know things can get messy fast. You start organized, but a few hours in, notes are scattered, screenshots have odd filenames, and small details get lost. PentestPad was built to help with that, not

Product showcase: Penetration test reporting with PentestPad Read More »

Sensitive data of Eurail, Interrail travelers compromised in data breach

data breach, Don't miss, EU, Europe, Hot stuff, News, transportation /

Sensitive data of Eurail, Interrail travelers compromised in data breach 2026-01-15 at 17:04 By Zeljka Zorz A data breach at the Netherlands-based company that sells Eurail (Interrail) train passes resulted in the compromise of personal and sensitive information belonging to an as-yet unknown number of travelers. What data was accessed? Eurail B.V. operates on behalf

Sensitive data of Eurail, Interrail travelers compromised in data breach Read More »

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)

Don't miss, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SIEM, Tenable, vulnerability /

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) 2026-01-15 at 15:27 By Zeljka Zorz A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizations to patch immediately. About CVE-2025-64155 CVE-2025-64155 may allow unauthenticated, remote attackers to execute unauthorized code or

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) Read More »

Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses

cybercrime, Don't miss, law enforcement, Microsoft, News /

Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses 2026-01-15 at 10:22 By Sinisa Markovic Microsoft has announced a coordinated legal action in the United States and the United Kingdom to disrupt RedVDS, a global cybercrime subscription service tied to large-scale fraud losses. The effort forms part of a broader joint

Microsoft shuts down RedVDS cybercrime subscription service tied to millions in fraud losses Read More »

LinkedIn wants to make verification a portable trust signal

cybersecurity, Don't miss, Features, generative AI, Hot stuff, identity verification, LinkedIn, News, scams, social media /

LinkedIn wants to make verification a portable trust signal 2026-01-15 at 08:34 By Mirko Zorz In this Help Net Security interview, Oscar Rodriguez, VP Trust Product at LinkedIn, discusses how verification is becoming a portable trust signal across the internet. He explains how LinkedIn is extending professional identity beyond its platform to address rising AI-driven

LinkedIn wants to make verification a portable trust signal Read More »

QR codes are getting colorful, fancy, and dangerous

cybersecurity, Don't miss, News, NordVPN, Palo Alto Networks, phishing, QR codes, research, scanning, threats /

QR codes are getting colorful, fancy, and dangerous 2026-01-15 at 08:04 By Sinisa Markovic QR codes have become a routine part of daily life, showing up on emails, posters, menus, invoices, and login screens. Security-savvy users have learned to treat links with caution, but QR codes still carry an assumption of safety. Researchers from Deakin

QR codes are getting colorful, fancy, and dangerous Read More »

The NSA lays out the first steps for zero trust adoption

CISO, Don't miss, Government, how-to, News, NSA, strategy, tips, USA, zero trust /

The NSA lays out the first steps for zero trust adoption 2026-01-15 at 07:28 By Anamarija Pogorelec Security pros often say that zero trust sounds straightforward until they try to apply it across real systems, real users, and real data. Many organizations are still sorting out what they own, how access works, and where authority

The NSA lays out the first steps for zero trust adoption Read More »

Webinar: Beyond the Quadrant: An Analyst’s Guide to Evaluating Email Security in 2026

Abnormal AI, Don't miss, Hot stuff, News, Whitepapers and webinars /

Webinar: Beyond the Quadrant: An Analyst’s Guide to Evaluating Email Security in 2026 2026-01-14 at 16:03 By Help Net Security Join former Gartner analyst Ravisha Chugh and Abnormal’s Director of Product Marketing, Lane Billings, on January 20th for an exclusive insider look at how email security vendors will be evaluated in 2026. Backed by years

Webinar: Beyond the Quadrant: An Analyst’s Guide to Evaluating Email Security in 2026 Read More »

CISO Assistant: Open-source cybersecurity management and GRC

CISO, Compliance, cybersecurity, DevSecOps, Don't miss, framework, GitHub, GRC, Hot stuff, News, open source, Risk Management, software, strategy /

CISO Assistant: Open-source cybersecurity management and GRC 2026-01-14 at 13:25 By Mirko Zorz CISO Assistant is an open-source governance, risk, and compliance (GRC) platform designed to help security teams document risks, controls, and framework alignment in a structured system. The community edition is maintained as a self-hosted tool for organizations that want direct access to

CISO Assistant: Open-source cybersecurity management and GRC Read More »

Firmware scanning time, cost, and where teams run EMBA

cybersecurity, Don't miss, Features, firmware, hardware, Hot stuff, Internet of Things, News, open source, research, scanning, software /

Firmware scanning time, cost, and where teams run EMBA 2026-01-14 at 13:25 By Mirko Zorz Security teams that deal with connected devices often end up running long firmware scans overnight, checking progress in the morning, and trying to explain to colleagues why a single image consumed a workday of compute time. That routine sets the

Firmware scanning time, cost, and where teams run EMBA Read More »

How AI image tools can be tricked into making political propaganda

deepfakes, disinformation, Don't miss, Fake News, Features, News /

How AI image tools can be tricked into making political propaganda 2026-01-14 at 08:01 By Sinisa Markovic A single image can shift public opinion faster than a long post. Text to image systems can be pushed to create misleading political visuals, even when safety filters are in place, according to a new study. The researchers

How AI image tools can be tricked into making political propaganda Read More »

Scroll to Top