Shadow AI risks deepen as 31% of users get no employer training 2026-05-01 at 11:49 By Anamarija Pogorelec Between one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI […]
Shadow AI risks deepen as 31% of users get no employer training Read More »
Open-source privacy proxy masks PII before prompts reach external AI services 2026-05-01 at 11:49 By Sinisa Markovic Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an
Open-source privacy proxy masks PII before prompts reach external AI services Read More »
AI traffic is getting bigger, louder, and less predictable 2026-05-01 at 11:49 By Anamarija Pogorelec AI workflows need storage that supports repeated movement across the model lifecycle. Large datasets are ingested, transformed, exported for training, pulled back for evaluation, and refreshed as models evolve. Backblaze’s Q1 2026 Network Stats report says this creates a shift
AI traffic is getting bigger, louder, and less predictable Read More »
New infosec products of the month: April 2026 2026-05-01 at 07:03 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security operations Mallory is launching
New infosec products of the month: April 2026 Read More »
Incident Response Retainers Are Now Foundational to Cyber Resilience 2026-04-30 at 17:35 By LevelBlue has been named a Representative Service Provider in the Gartner® Market Guide for Cybersecurity Incident Response Retainer Services (CIRR), marking the fifth consecutive time the company has been included in the report. We believe this continued recognition reflects LevelBlue’s ongoing focus
Incident Response Retainers Are Now Foundational to Cyber Resilience Read More »
cPanel zero-day exploited for months before patch release (CVE-2026-41940) 2026-04-30 at 16:45 By Zeljka Zorz A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical
cPanel zero-day exploited for months before patch release (CVE-2026-41940) Read More »
Cisco releases open-source toolkit for verifying AI model lineage 2026-04-30 at 16:02 By Mirko Zorz Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026
Cisco releases open-source toolkit for verifying AI model lineage Read More »
Met Police face criticism for using AI to spy on their own officers 2026-04-30 at 15:31 By Sinisa Markovic London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported
Met Police face criticism for using AI to spy on their own officers Read More »
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs 2026-04-30 at 15:31 By Anamarija Pogorelec Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new
Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs Read More »
Researchers develop tool to expose GPS signal spoofing in transit networks 2026-04-30 at 15:31 By Anamarija Pogorelec The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce
Researchers develop tool to expose GPS signal spoofing in transit networks Read More »
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) 2026-04-30 at 15:31 By Zeljka Zorz Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit
Hackers arrested for stealing and reselling 600,000 Roblox accounts 2026-04-30 at 15:31 By Sinisa Markovic Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid (Source: The Prosecutor General’s Office of Ukraine) “Prosecutors of the Lviv region, together with the
Hackers arrested for stealing and reselling 600,000 Roblox accounts Read More »
FIDO Alliance wants to keep AI agents from going rogue on online payments 2026-04-29 at 05:30 By Sinisa Markovic AI agents are beginning to shop, log in, and complete tasks with little direct input. That shift is pushing the security industry to rethink how trust works when actions are carried out on a user’s behalf.
FIDO Alliance wants to keep AI agents from going rogue on online payments Read More »
ShinyHunters claims it stole 1.4 million records from Udemy 2026-04-28 at 22:35 By Sinisa Markovic The ShinyHunters group claims it has breached the Udemy, one of the world’s largest online learning platforms. According to Have I Been Pwned, the leaked dataset contained 1.4 million unique email addresses of customers and instructors, along with names, physical
ShinyHunters claims it stole 1.4 million records from Udemy Read More »
Police arrest 10 suspected members of Black Axe cybercrime gang 2026-04-28 at 22:35 By Sinisa Markovic A coordinated police operation in Switzerland has targeted suspected members of the Black Axe criminal network. On 28 April 2026, authorities carried out house searches across several Swiss cantons, leading to 10 arrests, including the Black Axe ‘Regional Head’
Police arrest 10 suspected members of Black Axe cybercrime gang Read More »
Alleged Chinese hacker extradited to US over cyberattacks targeting COVID-19 research 2026-04-28 at 22:35 By Sinisa Markovic Chinese national Xu Zewei was extradited from Italy to the United States to face charges tied to an alleged cyber espionage campaign that breached thousands of computers worldwide. Xu is charged alongside Zhang Yu, who remains at large.
Alleged Chinese hacker extradited to US over cyberattacks targeting COVID-19 research Read More »
LevelBlue Recognized at Intelligent Insurer’s Cyber Insurance Awards US 2026 2026-04-28 at 18:06 By LevelBlue is proud to be named at the Intelligent Insurer Cyber Insurance Awards US 2026, earning Cyber Security Consulting Services Provider of the Year and being recognized as Highly Commended for the Cyber Security Solution Provider of the Year. This article
LevelBlue Recognized at Intelligent Insurer’s Cyber Insurance Awards US 2026 Read More »
Your IAM was built for humans, AI agents don’t care 2026-04-27 at 11:18 By Help Net Security Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to decide what someone could do. That model served enterprises well
Your IAM was built for humans, AI agents don’t care Read More »
The AI criminal mastermind is already hiring on gig platforms 2026-04-27 at 10:30 By Mirko Zorz Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model Context Protocol server, allowing an agent to post gigs
The AI criminal mastermind is already hiring on gig platforms Read More »
25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond
25 open-source cybersecurity tools that don’t care about your budget Read More »