Hot stuff

Data discovery gaps that catch enterprises off guard

Data discovery gaps that catch enterprises off guard 2026-06-01 at 11:46 By Mirko Zorz In this interview with Help Net Security, Avani Desai, CEO at Schellman, talks about the gap between what organizations think they know about their data and what discovery scans turn up. She shares stories of shadow data in abandoned cloud storage, […]

Data discovery gaps that catch enterprises off guard Read More »

EU organizations buckle under rising compliance pressure

EU organizations buckle under rising compliance pressure 2026-06-01 at 08:19 By Sinisa Markovic Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is hard to predict, and organizations must find a way to cope. Antonija Vojnović, Governance,

EU organizations buckle under rising compliance pressure Read More »

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

New infostealer reaches enterprise devices through FortiClient EMS vulnerability 2026-05-29 at 18:31 By Zeljka Zorz Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wold

New infostealer reaches enterprise devices through FortiClient EMS vulnerability Read More »

Dutch police disrupts botnet composed of 17 million devices

Dutch police disrupts botnet composed of 17 million devices 2026-05-29 at 17:26 By Zeljka Zorz The Dutch National Police and the country’s National Cyber Security Center (NCSC) have taken offline 200 servers controlling a botnet of 17 million devices, the law enforcement agency announced on Thursday. The investigation was launched after the NCSC received a

Dutch police disrupts botnet composed of 17 million devices Read More »

LinkedIn-themed phishing abuses Adobe’s A/B testing platform

LinkedIn-themed phishing abuses Adobe’s A/B testing platform 2026-05-29 at 14:08 By Zeljka Zorz A newly documented phishing campaign is targeting professionals with fake LinkedIn business emails and abusing a trusted service operated by Adobe. The attack from the victim’s perspective The attack starts with an email that looks, at first glance, like a routine business

LinkedIn-themed phishing abuses Adobe’s A/B testing platform Read More »

The CISO selling confidence in a market full of breach headlines

The CISO selling confidence in a market full of breach headlines 2026-05-28 at 10:16 By Mirko Zorz Engineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled

The CISO selling confidence in a market full of breach headlines Read More »

Coinflow CISO on crypto payments security under AI pressure

Coinflow CISO on crypto payments security under AI pressure 2026-05-27 at 09:24 By Mirko Zorz Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered

Coinflow CISO on crypto payments security under AI pressure Read More »

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926) 2026-05-26 at 17:32 By Zeljka Zorz A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. “TrendAI has observed at least one attempt to exploit this vulnerability in the wild,” Trend Micro

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926) Read More »

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) 2026-05-26 at 13:56 By Zeljka Zorz Microsoft has released patches for a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that may be exploited in low-complexity attacks. It affects the SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016. About CVE-2026-45659 CVE-2026-45659 stems from

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659) Read More »

What happens when security teams inherit identity

What happens when security teams inherit identity 2026-05-26 at 13:38 By Sinisa Markovic At the Span Cyber Security Arena conference, I sat down with Eric Woodruff, Chief Identity Architect at Semperis, to talk about how organizations perceive identity and the challenges those perceptions create for security. He shared his perspective on where organizations struggle with

What happens when security teams inherit identity Read More »

Manage machine identities: The hidden privileged access layer you need to manage

Manage machine identities: The hidden privileged access layer you need to manage 2026-05-26 at 08:37 By Help Net Security Why are machine identities becoming the majority of “things with access”? Every automation, integration, and workload needs a way to authenticate and the right permissions to act. That quiet requirement has created a massive population of

Manage machine identities: The hidden privileged access layer you need to manage Read More »

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report 2026-05-25 at 08:59 By Help Net Security This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets published. There are

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report Read More »

OpenHack: Open-source AI-powered vulnerability research

OpenHack: Open-source AI-powered vulnerability research 2026-05-25 at 08:11 By Sinisa Markovic Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new MIT-licensed project from the Dutch security firm Hadrian, called OpenHack, packages that approach into a file-based workspace that any of

OpenHack: Open-source AI-powered vulnerability research Read More »

$20 per zero-day is already the WordPress plugin reality

$20 per zero-day is already the WordPress plugin reality 2026-05-22 at 17:05 By Mirko Zorz Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three days by researchers from TrendAI and CHT Security supplies an answer,

$20 per zero-day is already the WordPress plugin reality Read More »

Deleted Google API keys keep working for up to 23 minutes, researchers warn

Deleted Google API keys keep working for up to 23 minutes, researchers warn 2026-05-22 at 15:08 By Zeljka Zorz Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make API calls, rack up charges, and, if

Deleted Google API keys keep working for up to 23 minutes, researchers warn Read More »

Meet Fractal, an OS made for microarchitecture reverse engineering

Meet Fractal, an OS made for microarchitecture reverse engineering 2026-05-22 at 12:17 By Sinisa Markovic Probing how a CPU isolates user code from kernel code is messy work. Researchers patch kernels, write drivers, or boot stripped-down bare-metal programs, and any of those choices change variables they were trying to hold still. Fractal, a new operating

Meet Fractal, an OS made for microarchitecture reverse engineering Read More »

Microsoft open-sources tools for designing and testing AI agents

Microsoft open-sources tools for designing and testing AI agents 2026-05-21 at 19:15 By Zeljka Zorz Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests

Microsoft open-sources tools for designing and testing AI agents Read More »

Authorities dismantle First VPN, used by ransomware actors

Authorities dismantle First VPN, used by ransomware actors 2026-05-21 at 17:12 By Anamarija Pogorelec First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. During the operation, French and Dutch authorities, with support from Europol and Eurojust,

Authorities dismantle First VPN, used by ransomware actors Read More »

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise 2026-05-21 at 16:56 By Zeljka Zorz GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise Read More »

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498) 2026-05-21 at 14:22 By Zeljka Zorz Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The vulnerabilities CVE-2026-41091 allows for local privilege elevation (LPE), and is caused by the Microsoft Malware

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498) Read More »

Scroll to Top