News

The security questions around Chinese AI coding models in U.S. software

The security questions around Chinese AI coding models in U.S. software 2026-06-09 at 08:46 By Anamarija Pogorelec Software developers across the United States are using AI models built in China to write, debug, and review code, drawn by prices below those of American alternatives. These models carry risks for the security of American software, according […]

The security questions around Chinese AI coding models in U.S. software Read More »

Malware ships with bugs that defenders could use against it

Malware ships with bugs that defenders could use against it 2026-06-09 at 08:46 By Anamarija Pogorelec Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these

Malware ships with bugs that defenders could use against it Read More »

Treating AI agents like service accounts for federated query security

Treating AI agents like service accounts for federated query security 2026-06-09 at 08:46 By Mirko Zorz In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics include layering Starburst’s access controls above native source permissions, tiering vendor risk across more than

Treating AI agents like service accounts for federated query security Read More »

Cybersecurity jobs available right now: June 9, 2026

Cybersecurity jobs available right now: June 9, 2026 2026-06-09 at 08:46 By Anamarija Pogorelec Application Security Architect INTENSITY Global Group | Israel | Hybrid – View job details As an Application Security Architect, you will design secure application architectures, perform threat modeling and security assessments, define security standards and controls, integrate security into the SDLC

Cybersecurity jobs available right now: June 9, 2026 Read More »

Meta claims NSO Group still targets WhatsApp users despite court order

Meta claims NSO Group still targets WhatsApp users despite court order 2026-06-08 at 23:44 By Sinisa Markovic Meta claims it disrupted spear-phishing attempts linked to NSO Group and is asking a US federal court to hold the spyware vendor in contempt for allegedly violating an injunction that bars it from targeting WhatsApp and its users.

Meta claims NSO Group still targets WhatsApp users despite court order Read More »

Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows

Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows 2026-06-08 at 20:33 By Sinisa Markovic Microsoft will distribute Defender for Endpoint EDR updates through Microsoft Update, enabling EDR security improvements to be released independently of monthly Windows operating system updates. The rollout started for Windows 10 devices in late May 2026 and

Microsoft changes how Defender for Endpoint EDR updates are delivered on Windows Read More »

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) 2026-06-08 at 16:16 By Zeljka Zorz A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN enables and secures connections between

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) Read More »

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) 2026-06-08 at 14:07 By Zeljka Zorz A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) Read More »

OpenAI is locking down parts of ChatGPT to reduce data theft risks

OpenAI is locking down parts of ChatGPT to reduce data theft risks 2026-06-08 at 13:09 By Anamarija Pogorelec OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as

OpenAI is locking down parts of ChatGPT to reduce data theft risks Read More »

When attacks spread too far: Lessons from real cyber attack case studies

When attacks spread too far: Lessons from real cyber attack case studies 2026-06-08 at 13:09 By Help Net Security In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei walks through a collaboration tool scam that copied Microsoft Teams,

When attacks spread too far: Lessons from real cyber attack case studies Read More »

DockSec: Open-source AI-powered Docker security scanner

DockSec: Open-source AI-powered Docker security scanner 2026-06-08 at 13:09 By Mirko Zorz DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns

DockSec: Open-source AI-powered Docker security scanner Read More »

Samsung just made Galaxy phones more secure in One UI 9 beta

Samsung just made Galaxy phones more secure in One UI 9 beta 2026-06-08 at 12:13 By Anamarija Pogorelec Samsung’s One UI 9 beta integrates Lockdown mode into the power menu. This is the screen that contains Power off, Restart, and emergency options. Opening it initiates Lockdown mode, disabling biometric authentication. “We tried it out on

Samsung just made Galaxy phones more secure in One UI 9 beta Read More »

Google Colab CLI opens runtimes to Claude Code and Codex

Google Colab CLI opens runtimes to Claude Code and Codex 2026-06-08 at 08:00 By Anamarija Pogorelec Google released the Google Colab Command-Line Interface, a tool that connects local terminals to remote Colab runtimes. The CLI provides an execution platform for developers and AI agents, letting users provision compute, run local Python scripts on remote runtimes,

Google Colab CLI opens runtimes to Claude Code and Codex Read More »

Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup

Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup 2026-06-08 at 07:30 By Sinisa Markovic Fans looking for tickets, accommodation and match broadcasts are already encountering scams tied to the 2026 FIFA World Cup. The 2026 FIFA World Cup will bring millions of visitors and an estimated 6 billion spectators to a tournament spread

Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup Read More »

GitHub Copilot app launches as desktop home for AI coding agents

GitHub Copilot app launches as desktop home for AI coding agents 2026-06-08 at 07:15 By Sinisa Markovic GitHub introduced the Copilot app, a desktop application built for working with AI coding agents, at Microsoft Build 2026. The release expands GitHub’s Copilot product line beyond editor integrations and command-line tools into a dedicated workspace for directing

GitHub Copilot app launches as desktop home for AI coding agents Read More »

52% of direct-to-IP threats are missing from intelligence feeds

52% of direct-to-IP threats are missing from intelligence feeds 2026-06-08 at 07:00 By Anamarija Pogorelec Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where visibility is limited. According to Palo Alto Networks’ report, this creates a visibility gap

52% of direct-to-IP threats are missing from intelligence feeds Read More »

Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast

Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast 2026-06-07 at 12:52 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory Agent Memory Guard is an open-source runtime defense layer

Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast Read More »

Let’s Encrypt works toward post-quantum certificates at web scale

Let’s Encrypt works toward post-quantum certificates at web scale 2026-06-05 at 15:49 By Anamarija Pogorelec Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to the web without sacrificing the speed and reliability that have made TLS universal. The project is targeting late

Let’s Encrypt works toward post-quantum certificates at web scale Read More »

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) 2026-06-05 at 15:49 By Zeljka Zorz A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system. This would require

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) Read More »

Scroll to Top