News

Senior engineers are spending their week cleaning up AI-generated code

Senior engineers are spending their week cleaning up AI-generated code 2026-06-15 at 07:00 By Anamarija Pogorelec At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, and that review gives the code high marks. Leaders rate AI-generated […]

Senior engineers are spending their week cleaning up AI-generated code Read More »

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack 2026-06-14 at 11:00 By Anamarija Pogorelec Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack Read More »

Google sues China-based scammers over Gemini AI abuse

Google sues China-based scammers over Gemini AI abuse 2026-06-12 at 15:43 By Sinisa Markovic Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with losses estimated in

Google sues China-based scammers over Gemini AI abuse Read More »

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) 2026-06-12 at 15:14 By Zeljka Zorz WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) Read More »

Cybercriminals are moving away from mass phishing campaigns

Cybercriminals are moving away from mass phishing campaigns 2026-06-12 at 13:47 By Sinisa Markovic Phishing activity declined by roughly 20% in both 2024 and 2025, according to research from Zscaler’s ThreatLabz team. The drop followed years of growth that pushed phishing activity above 2 billion hits in 2023. “Phishing volume measured by blocked emails is

Cybercriminals are moving away from mass phishing campaigns Read More »

How to use NIST and ISO frameworks to govern AI agents

How to use NIST and ISO frameworks to govern AI agents 2026-06-12 at 11:07 By Help Net Security Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke

How to use NIST and ISO frameworks to govern AI agents Read More »

The assembly line behind 1.5 million malicious domains

The assembly line behind 1.5 million malicious domains 2026-06-12 at 11:07 By Anamarija Pogorelec Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars,

The assembly line behind 1.5 million malicious domains Read More »

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals 2026-06-12 at 10:58 By Sinisa Markovic An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in illicit funds. The domain seizure notice (Source: Europol) Europol said the service, known

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals Read More »

CISA orders federal agencies to “patch smarter”

CISA orders federal agencies to “patch smarter” 2026-06-11 at 20:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly

CISA orders federal agencies to “patch smarter” Read More »

Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes

Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes 2026-06-11 at 20:18 By Anamarija Pogorelec Proxmox Mail Gateway 9.1 adds updated system components, changes to the spam quarantine interface, and encryption for backups. It works as a mail proxy positioned between the firewall and internal mail servers, screening incoming and outgoing traffic for

Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes Read More »

FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort

FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort 2026-06-11 at 17:12 By Sinisa Markovic Federal authorities have seized 13 internet domains allegedly used to target current and former U.S. government employees and military personnel with access to classified and sensitive information. The post FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort

FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort Read More »

9 out of 10 people can no longer distinguish real from AI-generated content

9 out of 10 people can no longer distinguish real from AI-generated content 2026-06-11 at 17:12 By Sinisa Markovic Online fraud is becoming harder to distinguish from legitimate activity as AI-generated messages, voices, photos, reviews, and identities become more convincing. Nearly nine in ten adults say they can no longer tell what is real from

9 out of 10 people can no longer distinguish real from AI-generated content Read More »

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware 2026-06-11 at 16:51 By Sinisa Markovic Cybercriminals are using TikTok and Instagram Reels videos to spread Vidar, an infostealer malware, through fake downloads for popular paid software, according to ReversingLabs. The researchers uncovered two campaigns behind the activity, each using a different approach to

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware Read More »

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert 2026-06-11 at 15:41 By Zeljka Zorz A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert Read More »

Threat actors are recruiting the people who hold cloud logins

Threat actors are recruiting the people who hold cloud logins 2026-06-11 at 11:18 By Anamarija Pogorelec Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into a security variable, and members of the cybercrime underground have built

Threat actors are recruiting the people who hold cloud logins Read More »

Making the cloud prove it followed your privacy wishes

Making the cloud prove it followed your privacy wishes 2026-06-11 at 08:43 By Sinisa Markovic Making companies that store personal data in cloud key-value databases handle deletion requests by running the operation and confirming the job is complete. The people making those requests and the regulators overseeing them have had limited means to confirm the

Making the cloud prove it followed your privacy wishes Read More »

X Square Robot open sources its robot-free data collection framework

X Square Robot open sources its robot-free data collection framework 2026-06-11 at 08:43 By Sinisa Markovic Companies building robots for physical work spend large amounts of time and money operating machines by hand to gather training examples. Each session with a physical robot produces a small number of demonstrations per day, which slows the growth

X Square Robot open sources its robot-free data collection framework Read More »

Prompt injection still drives most agentic AI security failures in production

Prompt injection still drives most agentic AI security failures in production 2026-06-11 at 08:43 By Anamarija Pogorelec A backdoor sat on PyPI for three hours in March 2026. Nearly 47,000 downloads occurred during the window. The compromised package, LiteLLM, serves as the language-model gateway for CrewAI, DSPy, Microsoft GraphRAG, and dozens of other AI agent

Prompt injection still drives most agentic AI security failures in production Read More »

Organizations can’t see much of their mobile AI activity

Organizations can’t see much of their mobile AI activity 2026-06-11 at 08:43 By Anamarija Pogorelec Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s “Solving for the Mobile AI Blind Spot: Executive Confidence Meets Technical Reality” report. Mobile AI visibility gaps Enterprises

Organizations can’t see much of their mobile AI activity Read More »

Identity theft is turning into a chain reaction for victims

Identity theft is turning into a chain reaction for victims 2026-06-10 at 18:17 By Sinisa Markovic For a growing number of victims, identity theft no longer ends with a fraudulent charge or a compromised account. More than one in four people who contacted the Identity Theft Resource Center during the reporting period were dealing with

Identity theft is turning into a chain reaction for victims Read More »

Scroll to Top