News

Meta and PortSwigger drive offensive security further to find what others miss

bug bounty, Meta, News, PortSwigger, vulnerability disclosure /

Meta and PortSwigger drive offensive security further to find what others miss 2026-04-20 at 11:16 By Anamarija Pogorelec Meta Bug Bounty and PortSwigger have formed a partnership to help security researchers sharpen their skills, collaborate more closely, and improve vulnerability discovery. The initiative combines Meta’s bug bounty program with PortSwigger’s Burp Suite, reflecting a shared […]

Meta and PortSwigger drive offensive security further to find what others miss Read More »

EU pushes for stronger cloud sovereignty, awards €180 million to four providers

Cloud, EU, European Commission, News, resilience /

EU pushes for stronger cloud sovereignty, awards €180 million to four providers 2026-04-20 at 10:30 By Sinisa Markovic The European Commission is stepping up efforts to strengthen the EU’s digital sovereignty by awarding a cloud services tender worth up to €180 million over six years. The initiative gives EU institutions and agencies access to sovereign

EU pushes for stronger cloud sovereignty, awards €180 million to four providers Read More »

SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines

DevOps, Don't miss, GitHub, News, open source, software /

SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines 2026-04-20 at 09:14 By Mirko Zorz Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific environment. What the tool does SmokedMeat takes a flagged

SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines Read More »

How to spot a North Korean fake in a job interview

deepfakes, Don't miss, Flare, identity, News, Threat Intelligence, Video /

How to spot a North Korean fake in a job interview 2026-04-20 at 08:17 By Help Net Security North Korean operatives are getting hired at companies by passing job interviews using fake identities and AI tools. In this Help Net Security video, Adrian Cheek, a senior cybercrime researcher at Flare, outlines several ways organizations can

How to spot a North Korean fake in a job interview Read More »

Product showcase: Syncthing for secure, private file synchronization

Encryption, file-sharing, News, open source, Privacy, Product showcase, software /

Product showcase: Syncthing for secure, private file synchronization 2026-04-20 at 07:52 By Anamarija Pogorelec Syncthing is a free and open-source application that synchronizes files directly between your devices. Instead of uploading data to a central server, it uses a peer-to-peer approach, transferring files whenever peers are online. This decentralized model ensures that your data remains

Product showcase: Syncthing for secure, private file synchronization Read More »

Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits

News, Week in review /

Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits 2026-04-19 at 11:49 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Bringing governance and visibility to machine and AI identities In this Help Net Security interview, Archit Lohokare, CEO of AppViewX,

Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits Read More »

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild

0-day, Don't miss, exploit, Hot stuff, Huntress, Microsoft, Microsoft Defender, News, PoC /

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild 2026-04-17 at 14:32 By Zeljka Zorz The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw

Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild Read More »

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control

Artificial Intelligence, Mozilla, News, open source /

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control 2026-04-17 at 14:32 By Sinisa Markovic For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an alternative to externally hosted AI services with Thunderbolt, an open-source AI

Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control Read More »

Google wipes out 602 million scam ads with Gemini on duty

Artificial Intelligence, cybercrime, Google, malvertising, News, scams /

Google wipes out 602 million scam ads with Gemini on duty 2026-04-17 at 13:59 By Sinisa Markovic Google claims that its security teams work around the clock using its Gemini AI models to detect and stop harmful ads. “Bad actors are using generative AI to create deceptive ads at scale, and Gemini helps us detect

Google wipes out 602 million scam ads with Gemini on duty Read More »

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits

Android, Google, News, operating system /

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits 2026-04-17 at 09:24 By Sinisa Markovic Google shipped Android 17 Beta 4 on April 16, marking the last scheduled beta in the Android 17 release cycle. The build targets app compatibility testing and platform stability ahead of the final release, and it carries

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits Read More »

Apple AirTag tracking can be misled by replayed Bluetooth signals

apple, hardware, location tracking, News, Privacy, tracking /

Apple AirTag tracking can be misled by replayed Bluetooth signals 2026-04-17 at 09:24 By Sinisa Markovic Apple’s AirTag is designed to help users track lost items by relying on a vast network of nearby Apple devices. New research shows that this same system can be manipulated to display locations where an AirTag has never been.

Apple AirTag tracking can be misled by replayed Bluetooth signals Read More »

Social media bans might steer kids into riskier corners of the internet

data, News, Privacy, regulation, social media, Zimperium /

Social media bans might steer kids into riskier corners of the internet 2026-04-17 at 08:10 By Sinisa Markovic Governments are moving to block children under 16 from social media in the name of safety. But once these measures move from policy to practice, they raise a harder question: what happens when protecting kids requires collecting

Social media bans might steer kids into riskier corners of the internet Read More »

New infosec products of the week: April 17, 2026

Axonius, Broadcom, News, Siemens /

New infosec products of the week: April 17, 2026 2026-04-17 at 07:42 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Axonius, Broadcom, Siemens, and Sitehop. Axonius updates Asset Cloud with AI, exposure management, and asset trust standard Axonius has expanded its Asset Cloud with AI-powered

New infosec products of the week: April 17, 2026 Read More »

Workplace stress in 2026 is still worse than before the pandemic

burnout, Don't miss, News, report, research /

Workplace stress in 2026 is still worse than before the pandemic 2026-04-17 at 07:42 By Mirko Zorz Roughly 40% of employees worldwide said they experienced a lot of stress during the previous day, according to Gallup’s State of the Global Workplace 2026 report, a figure that has remained above pre-pandemic levels for several years. Daily

Workplace stress in 2026 is still worse than before the pandemic Read More »

NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward

CVE, Don't miss, ENISA, Hot stuff, News, NIST, vulnerability assessment, vulnerability management /

NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward 2026-04-16 at 19:48 By Zeljka Zorz NIST is overhauling how it manages the National Vulnerability Database (NVD) and switching to a risk-based model that prioritizes “enrichment” of only the most critical CVE-numbered security vulnerabilities. “This change is driven by a surge in

NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward Read More »

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)

Fortinet, Hot stuff, News, sandbox, security update, vulnerability /

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808) 2026-04-16 at 18:37 By Zeljka Zorz Two vulnerabilities (CVE-2026-39813, CVE-2026-39808) in FortiSandbox could be leveraged by unauthenticated attackers to bypass authentication and execute unauthorized code or commands on vulnerable systems. Both vulnerabilities can be triggered with a specially crafted HTTP request, putting unpatched FortiSandbox deployments at risk. About

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808) Read More »

Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards

agentic AI, Anthropic, Artificial Intelligence, cybersecurity, Don't miss, News /

Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards 2026-04-16 at 18:06 By Sinisa Markovic Software teams building agentic AI workflows have been pushing frontier models toward longer, unsupervised task runs. Claude Opus 4.7, now generally available from Anthropic, is aimed squarely at that demand, with particular gains in software engineering, multimodal processing, and the

Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards Read More »

Google Play is changing how Android apps access your contacts and location

Android, Google, Google Play, News, policy, Privacy /

Google Play is changing how Android apps access your contacts and location 2026-04-16 at 15:03 By Anamarija Pogorelec Google’s new set of Google Play policy updates and account transfer feature strengthen user privacy and protect businesses from fraud. Google is also expanding features for managing new contact and location policy changes to support a smoother,

Google Play is changing how Android apps access your contacts and location Read More »

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug

cybercrime, cybersecurity, Data exfiltration, Don't miss, fraud, Malware, News, PowerShell, Proofpoint, Pulseway, SimpleHelp, social engineering /

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug 2026-04-16 at 13:34 By Mirko Zorz Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy environment. The environment stayed compromised for more

Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug Read More »

Tails 7.6.2 patches vulnerability that could expose saved files

anonymity, Hot stuff, News, Privacy, security update, Tails, vulnerability /

Tails 7.6.2 patches vulnerability that could expose saved files 2026-04-16 at 13:34 By Anamarija Pogorelec The Tails Project released Tails v7.6.2, an emergency release of the popular open source secure portable operating system. What is Tails? Tails, which is based on Debian GNU/Linux, is aimed at users who want to preserve their online privacy and

Tails 7.6.2 patches vulnerability that could expose saved files Read More »

Scroll to Top