Microsoft open-sources tools for designing and testing AI agents

2026-05-21 at 19:15, by Zeljka Zorz

Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests […]

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

2026-05-21 at 16:56, by Zeljka Zorz

GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

2026-05-21 at 14:22, by Zeljka Zorz

Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog.

The vulnerabilities

CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware

Why AI changed the threat model for travel technology

2026-05-21 at 09:16, by Mirko Zorz

In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology. He discusses why the travel industry’s

AI red teaming agents change how LLMs get tested

2026-05-21 at 08:00, by Mirko Zorz

Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector

2026-05-20 at 17:16, by Zeljka Zorz

Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report. This is the first time credential theft has been knocked off the

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension

2026-05-20 at 13:47, by Zeljka Zorz

Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of

Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)

2026-05-20 at 11:49, by Zeljka Zorz

Microsoft is working on a fix for CVE-2026-45585 (aka “YellowKey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data. In the meantime, the company

Communicating cyber risk in dollars boards understand

2026-05-20 at 09:34, by Mirko Zorz

In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised. He argues that spending has leaned too heavily on technical controls while neglecting people, processes, and

When your AI assistant has the keys to production

2026-05-20 at 09:34, by Sinisa Markovic

Large language models in operational roles query telemetry, propose configuration changes, and in some deployments execute those changes against live infrastructure. Ticket drafting and alert summarization were the starting point. Vendors describe this work as autonomous remediation or self-healing infrastructure.

CVE Lite CLI: Open-source dependency vulnerability scanner

2026-05-20 at 09:34, by Mirko Zorz

Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration runs, and a security scanner returns a list of CVE identifiers that developers then have to triage hours

7 hard truths security pros should know: 2026 DevOps Threats Report

2026-05-20 at 09:34, by Help Net Security

In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by GitProtect. If you want to effectively counter attacks targeted at your

What happens when your identity provider becomes the kill chain

2026-05-20 at 09:34, by Help Net Security

In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in

PureLogs infostealer is stealing credentials worldwide

2026-05-19 at 16:58, by Zeljka Zorz

A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered.

The attack

The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure

Earbud sensors can authenticate users by their heartbeat, study finds

2026-05-19 at 09:17, by Mirko Zorz

Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes from an accelerometer of the kind already sitting inside many wireless earbuds, so

AI is drowning software maintainers in junk security reports

2026-05-18 at 21:32, by Zeljka Zorz

AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise instead of fixing real problems. Linus Torvalds, the Linux kernel’s creator, says the flood has made the project’s

Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)

2026-05-18 at 16:32, by Zeljka Zorz

A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday. The vulnerability, dubbed NGINX Rift, can be reliably exploited to trigger a denial-of-service condition and can potentially allow for unauthenticated remote

Attackers accessed, downloaded code from Grafana Labs’ GitHub

2026-05-18 at 12:57, by Zeljka Zorz

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday. The breach is significant given Grafana Labs’ widespread use across enterprise engineering and DevOps teams

The AI backdoor your security stack is not built to see

2026-05-18 at 09:42, by Sinisa Markovic

Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious tokens, filter unusual characters, watch for prompt injection patterns. New research from

Lyrie: Open-source autonomous pentesting agent

2026-05-18 at 09:42, by Sinisa Markovic

Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version
