News

Attackers obtained encrypted password vaults from some Dashlane user accounts

Attackers obtained encrypted password vaults from some Dashlane user accounts 2026-06-05 at 14:34 By Sinisa Markovic Dashlane has disclosed new details about a brute-force attack that let a threat actor access some customer accounts and copy encrypted vaults. Dashlane said it found no evidence that the attackers compromised its internal systems. The company first acknowledged […]

Attackers obtained encrypted password vaults from some Dashlane user accounts Read More »

AI is helping low-skill hackers pull off advanced cyberattacks

AI is helping low-skill hackers pull off advanced cyberattacks 2026-06-05 at 11:34 By Sinisa Markovic Anthropic has published an analysis of cyber-related misuse of its AI systems, examining 832 accounts that were banned for malicious cyber activity between March 2025 and March 2026. The company mapped the observed behavior to the MITRE ATT&CK framework, which

AI is helping low-skill hackers pull off advanced cyberattacks Read More »

Photos: Infosecurity Europe 2026

Photos: Infosecurity Europe 2026 2026-06-05 at 10:16 By Help Net Security Infosecurity Europe 2026 is a cybersecurity event that took place from June 2 to 4 in London. Help Net Security was on-site and here’s a closer look at the conference. The featured vendors are: Microsoft, JupiterOne, Menlo Security, Cato Networks, Falkin, Vivida, Pen Test

Photos: Infosecurity Europe 2026 Read More »

June 2026 Patch Tuesday forecast: Where are the CVEs?

June 2026 Patch Tuesday forecast: Where are the CVEs? 2026-06-05 at 10:16 By Help Net Security My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors like Mozilla, Microsoft’s updates were standard fare, 65 CVEs reported in Windows 11 and 58 in

June 2026 Patch Tuesday forecast: Where are the CVEs? Read More »

AgentGG: Open-source agentic SAST scanner

AgentGG: Open-source agentic SAST scanner 2026-06-05 at 09:24 By Mirko Zorz Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand. AgentGG approaches the same job with AI agents that read the code, follow imports, walk the call graph, and confirm

AgentGG: Open-source agentic SAST scanner Read More »

Thieves can pull off keyless car theft in under a minute and here’s how to stop them

Thieves can pull off keyless car theft in under a minute and here’s how to stop them 2026-06-05 at 09:24 By Mirko Zorz A keyless car can be stolen in under a minute. Two people, a pair of cheap radio amplifiers, and a fob sitting on a hallway table inside the house. That is enough.

Thieves can pull off keyless car theft in under a minute and here’s how to stop them Read More »

AI agent governance gets harder when agents outnumber your people

AI agent governance gets harder when agents outnumber your people 2026-06-05 at 09:24 By Help Net Security In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He opens with a real case: a reconciliation agent at a financial services firm had

AI agent governance gets harder when agents outnumber your people Read More »

New infosec products of the week: June 5, 2026

New infosec products of the week: June 5, 2026 2026-06-05 at 09:24 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Asimily, depthfirst, Diligent, Hyland, MazeBolt, and Noma. Asimily turns device risk into automated network policy Asimily has launched Segmentation Orchestration, enabling connected-device risk intelligence to

New infosec products of the week: June 5, 2026 Read More »

Most pros have seen AI hallucinations in IT operations

Most pros have seen AI hallucinations in IT operations 2026-06-05 at 09:24 By Anamarija Pogorelec Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are reporting

Most pros have seen AI hallucinations in IT operations Read More »

ClickFix Is Now Hiring: From Job Platform Impersonation to Python-Based RAT Delivery

ClickFix Is Now Hiring: From Job Platform Impersonation to Python-Based RAT Delivery 2026-06-04 at 23:11 By King Orande and Cris Tomboc The LevelBlue OpsIntel CTI team examined the latest version of the ClickFix campaign, which emerged in early May 2026. The campaign employs a multi-stage phishing delivery chain that impersonates trusted employment and professional networking platforms,

ClickFix Is Now Hiring: From Job Platform Impersonation to Python-Based RAT Delivery Read More »

OAuth marketplace apps keep access after publishers vanish

OAuth marketplace apps keep access after publishers vanish 2026-06-04 at 16:06 By Mirko Zorz Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code repositories, CI workflows, organization settings, and secrets. Marketplace presence gives these apps the appearance of approval. The OAuth

OAuth marketplace apps keep access after publishers vanish Read More »

The modern-day business can learn a lot about risk from this year’s mega events

The modern-day business can learn a lot about risk from this year’s mega events 2026-06-04 at 13:17 By Help Net Security Every year brings its share of global events, but 2026 is proving to be a banner year for mega-scale entertainment. The year got off to a roaring start with the Winter Olympics, and now

The modern-day business can learn a lot about risk from this year’s mega events Read More »

Spotless compliance evidence can still hide a broken control

Spotless compliance evidence can still hide a broken control 2026-06-04 at 09:26 By Mirko Zorz In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC and FedRAMP 20x. The conversation covers how organizations check the 110 requirements but miss

Spotless compliance evidence can still hide a broken control Read More »

Attackers already know the secrets are on your developers’ machines. Do you?

Attackers already know the secrets are on your developers’ machines. Do you? 2026-06-04 at 09:26 By Help Net Security In a recent GitGuardian analysis, an average of 150 secrets were found on a sample of developer endpoints. Private keys accounted for 38% of unique secrets, while cloud, identity provider, and secret management credentials (AWS IAM,

Attackers already know the secrets are on your developers’ machines. Do you? Read More »

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment 2026-06-04 at 09:26 By Help Net Security A vulnerability scanner flags a critical CVSS 10 vulnerability on an industrial asset. The report lands in the boss’ inbox and now he wants to know why we’re sitting on a critical vulnerability. In a normal IT

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment Read More »

Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites

Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites 2026-06-04 at 09:26 By Anamarija Pogorelec Trend Micro Mobile Security for iOS protects devices from potentially harmful websites while browsing, blocks ads and personal information trackers, helps users avoid unsafe Wi-Fi networks, and monitors data usage. The app is available for

Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites Read More »

ETSI sets security requirements for AI data centers and cloud platforms

ETSI sets security requirements for AI data centers and cloud platforms 2026-06-04 at 09:26 By Anamarija Pogorelec ETSI has published TS 104 033, a technical specification that defines security requirements for AI computing platforms. The specification establishes a security framework for platforms used to host AI applications in data center and edge computing environments, covering

ETSI sets security requirements for AI data centers and cloud platforms Read More »

Simplify security management with CIS SecureSuite Platform

Simplify security management with CIS SecureSuite Platform 2026-06-03 at 20:20 By Help Net Security New operating systems prioritize usability, a reality which threat actors use to exploit security gaps. Every misconfiguration creates an opportunity for compromise, and lean teams struggle in their security management efforts to harden hundreds or thousands of endpoints. CIS SecureSuite Membership

Simplify security management with CIS SecureSuite Platform Read More »

Microsoft responds to security challenges facing code, AI agents, and models

Microsoft responds to security challenges facing code, AI agents, and models 2026-06-03 at 20:20 By Sinisa Markovic Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models. The updates include a multi-agent vulnerability discovery system, new controls for managing and securing AI agents, data protection

Microsoft responds to security challenges facing code, AI agents, and models Read More »

Autonomous AI-driven worm can reason its way through corporate networks

Autonomous AI-driven worm can reason its way through corporate networks 2026-06-03 at 20:20 By Zeljka Zorz Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters,

Autonomous AI-driven worm can reason its way through corporate networks Read More »

Scroll to Top