Don’t miss

Google says 2026 will be the year AI supercharges cybercrime

Artificial Intelligence, automation, CISO, cloud security, cybercrime, cybersecurity, Don't miss, Google, Google Cloud, identity management, News, predictions, report /

Google says 2026 will be the year AI supercharges cybercrime 2025-11-05 at 07:06 By Anamarija Pogorelec Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged cybercrime, and increasingly aggressive nation-state operations. Attackers are moving faster, scaling their […]

Google says 2026 will be the year AI supercharges cybercrime Read More »

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware

arrest, cybercrime, Don't miss, Hot stuff, News, Ransomware, US DoJ, USA /

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware 2025-11-04 at 15:04 By Zeljka Zorz A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US companies and extorting nearly $1.3 million from one of the victims. According to a federal

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware Read More »

How nations build and defend their cyberspace capabilities

attacks, CERT, CISO, cyber attribution, cybersecurity, Cyberwarfare, Don't miss, Features, Government, Hot stuff, News, strategy, tips /

How nations build and defend their cyberspace capabilities 2025-11-04 at 11:54 By Mirko Zorz In this Help Net Security interview, Dr. Bernhards Blumbergs, Lead Cyber Security Expert at CERT.LV, discusses how cyberspace has become an integral part of national and military operations. He explains how countries develop capabilities to act and defend in this domain,

How nations build and defend their cyberspace capabilities Read More »

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI

Cogent Security, Don't miss, Hot stuff, News, Product showcase, vulnerability management /

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI 2025-11-03 at 18:13 By Help Net Security The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories. Teams are buried under overlapping feeds, inconsistent

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI Read More »

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military

Belarus, cyber espionage, Cyble, Don't miss, Hot stuff, News, Russian Federation, Seqrite, spear-phishing /

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military 2025-11-03 at 15:57 By Zeljka Zorz A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military Read More »

A new way to think about zero trust for workloads

CISO, cybersecurity, Don't miss, enterprise, Features, framework, Hot stuff, News, OpenID, research, SentinelOne, strategy, Zero Networks, zero trust /

A new way to think about zero trust for workloads 2025-11-03 at 09:10 By Mirko Zorz Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on

A new way to think about zero trust for workloads Read More »

Heisenberg: Open-source software supply chain health check tool

AppOmni, Don't miss, GitHub, News, open source, software, supply chain /

Heisenberg: Open-source software supply chain health check tool 2025-11-03 at 08:30 By Mirko Zorz Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate reports for individual dependencies

Heisenberg: Open-source software supply chain health check tool Read More »

Securing real-time payments without slowing them down

cybersecurity, Don't miss, Features, financial industry, fraud, Hot stuff, identity verification, News, regulation, security controls, Tyro /

Securing real-time payments without slowing them down 2025-11-03 at 08:00 By Mirko Zorz In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Singh also touches on

Securing real-time payments without slowing them down Read More »

CISA and partners take action as Microsoft Exchange security risks mount

CISA, Don't miss, email security, guidelines, Hot stuff, Microsoft Exchange, News, NSA, tips /

CISA and partners take action as Microsoft Exchange security risks mount 2025-10-31 at 19:32 By Zeljka Zorz In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of Microsoft Exchange Server. Microsoft Exchange servers are

CISA and partners take action as Microsoft Exchange security risks mount Read More »

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Arctic Wolf Networks, China, cyber espionage, Don't miss, government-backed attacks, Hot stuff, News, Trend Micro, vulnerability, Windows /

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) 2025-10-31 at 17:09 By Zeljka Zorz A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) Read More »

The secret to audit success? Think like your auditor

Appfire, CISO, cybersecurity, Don't miss, News, security auditing, Video /

The secret to audit success? Think like your auditor 2025-10-31 at 09:52 By Help Net Security In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for an audit. He breaks down what often frustrates auditors, why organization and

The secret to audit success? Think like your auditor Read More »

Shadow AI: New ideas emerge to tackle an old problem in new form

1Password, Artificial Intelligence, Don't miss, Eye Security, Hot stuff, LLMs, News, open source, prompt injection, shadow IT, survey /

Shadow AI: New ideas emerge to tackle an old problem in new form 2025-10-31 at 09:13 By Zeljka Zorz Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe,

Shadow AI: New ideas emerge to tackle an old problem in new form Read More »

AI chatbots are sliding toward a privacy crisis

Artificial Intelligence, ChatGPT, CISO, cyber risk, cybersecurity, Don't miss, Features, generative AI, Harmonic, Ivanti, LLMs, News, OpenAI, Privacy, Tanium /

AI chatbots are sliding toward a privacy crisis 2025-10-31 at 09:00 By Sinisa Markovic AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. Cybercriminals see the same opening, and it may only be a matter

AI chatbots are sliding toward a privacy crisis Read More »

You can’t audit how AI thinks, but you can audit what it does

Artificial Intelligence, auditing, CFA Institute, CISO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, News, strategy /

You can’t audit how AI thinks, but you can audit what it does 2025-10-31 at 08:30 By Mirko Zorz In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging

You can’t audit how AI thinks, but you can audit what it does Read More »

Passwordless adoption moves from hype to habit

authentication, CISO, cybersecurity, Dashlane, Don't miss, enterprise, News, passwordless, passwords, report, survey /

Passwordless adoption moves from hype to habit 2025-10-31 at 08:00 By Anamarija Pogorelec With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift is picking

Passwordless adoption moves from hype to habit Read More »

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

Darktrace, data theft, Don't miss, Eye Security, Hot stuff, Huntress, Malware, News, Palo Alto Networks, Sophos, Windows Server /

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) 2025-10-30 at 15:46 By Zeljka Zorz Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) Read More »

How neighbors could spy on smart homes

Bluetooth, Bluetooth Low Energy, Don't miss, Features, hardware, Hot stuff, Internet of Things, network, News, Privacy, scanning, smart home, surveillance, wireless /

How neighbors could spy on smart homes 2025-10-30 at 13:34 By Mirko Zorz Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment could learn personal details about a household without breaking any encryption. By monitoring the wireless

How neighbors could spy on smart homes Read More »

OpenAI’s gpt-oss-safeguard enables developers to build safer AI

cybersecurity, Don't miss, News, OpenAI, software development /

OpenAI’s gpt-oss-safeguard enables developers to build safer AI 2025-10-29 at 19:07 By Sinisa Markovic OpenAI is releasing a research preview of gpt-oss-safeguard, a set of open-weight reasoning models for safety classification. The models come in two sizes: gpt-oss-safeguard-120b and gpt-oss-safeguard-20b. Both are fine-tuned versions of the gpt-oss open models and available under the Apache 2.0

OpenAI’s gpt-oss-safeguard enables developers to build safer AI Read More »

Sanctions won’t stop cyberattacks, but they can still “bite”

China, Don't miss, EU, government-backed attacks, Hot stuff, News, North Korea, RUSI, Russian Federation, Sanctions, tips, UK, USA /

Sanctions won’t stop cyberattacks, but they can still “bite” 2025-10-29 at 16:58 By Zeljka Zorz Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and researchers tackled

Sanctions won’t stop cyberattacks, but they can still “bite” Read More »

Scroll to Top