Two US nationals jailed over scheme that generated $5 million for the North Korean regime 2026-04-16 at 13:07 By Sinisa Markovic Two US nationals have been sentenced for their role in a scheme that placed North Korean IT workers inside American companies under false identities. Over several years, the operation used stolen identities from at […]
OpenAI updates Agents SDK, adds sandbox for safer code execution 2026-04-16 at 12:11 By Anamarija Pogorelec OpenAI’s updated Agents SDK helps developers build agents that inspect files, run commands, edit code, and handle tasks within controlled sandbox environments. The update provides standardized infrastructure for OpenAI models, a model-native harness that lets agents work with files
OpenAI updates Agents SDK, adds sandbox for safer code execution Read More »
Anthropic tests user trust with ID and selfie checks for Claude 2026-04-16 at 11:16 By Sinisa Markovic Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI
Anthropic tests user trust with ID and selfie checks for Claude Read More »
GitHub lays out copyright liability changes and upcoming DMCA review for developers 2026-04-16 at 10:31 By Mirko Zorz A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users
GitHub lays out copyright liability changes and upcoming DMCA review for developers Read More »
EU cybersecurity standards are at risk if supplier ban passes 2026-04-16 at 10:16 By Mirko Zorz Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on
EU cybersecurity standards are at risk if supplier ban passes Read More »
Command integrity breaks in the LLM routing layer 2026-04-16 at 09:02 By Sinisa Markovic Systems that rely on LLM agents often send requests through intermediary routing services before reaching a model. These routers connect to different providers through a single endpoint and manage how requests are handled. This layer can influence what gets executed and
Command integrity breaks in the LLM routing layer Read More »
Product showcase: Ente Auth encrypts, backs up, and syncs 2FA 2026-04-16 at 08:11 By Anamarija Pogorelec Two-factor authentication (2FA) is an essential layer of protection for online accounts, and Ente Auth makes it easier to manage securely across devices. Ente Auth is a free, open-source authenticator app designed to generate and store one-time passcodes for
Product showcase: Ente Auth encrypts, backs up, and syncs 2FA Read More »
European AI spending set to hit $290 billion by 2029 2026-04-16 at 07:47 By Sinisa Markovic European enterprises are committing serious money to AI, and the numbers are accelerating. According to IDC’s Worldwide AI and Generative AI Spending Guide, AI spending across Europe will reach $290 billion by 2029, growing at a compound annual growth
European AI spending set to hit $290 billion by 2029 Read More »
Wi-Fi roaming security practices for access network providers and identity providers 2026-04-16 at 07:47 By Anamarija Pogorelec Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their security properties. The Wireless Broadband Alliance published a set of guidelines that specifies which authentication, encryption, and
Wi-Fi roaming security practices for access network providers and identity providers Read More »
Windows is getting stronger RDP file protections to fight phishing attacks 2026-04-16 at 01:19 By Sinisa Markovic Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these updates, the Remote Desktop Connection app displays stronger warning dialogs before a connection
Windows is getting stronger RDP file protections to fight phishing attacks Read More »
Webinar: The IT Leader’s Guide to AI Governance 2026-04-15 at 16:07 By Help Net Security Generative AI is moving from experimentation to everyday enterprise use, often faster than governance models were designed to support. As adoption accelerates, organizations are navigating the evolving landscape with new questions around security, data privacy, compliance, and control, all while
Webinar: The IT Leader’s Guide to AI Governance Read More »
Raspberry Pi OS 6.2 disables passwordless sudo by default 2026-04-15 at 14:29 By Anamarija Pogorelec Raspberry Pi OS 6.2, based on the Trixie version, introduces small changes, bug fixes, and disables passwordless sudo by default for new installations. Screenshot of password prompt (Source: Raspberry Pi) “We continually review the security of Raspberry Pi OS to
Raspberry Pi OS 6.2 disables passwordless sudo by default Read More »
What changed in nginx 1.30.0 and what it means for your upstream config 2026-04-15 at 14:29 By Anamarija Pogorelec nginx 1.30.0 brings together features accumulated across the 1.29.x mainline series. The release covers a broad range of changes, from protocol support additions to security-relevant fixes and new configuration options. Keepalive to upstreams is now on
What changed in nginx 1.30.0 and what it means for your upstream config Read More »
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers 2026-04-15 at 10:02 By Sinisa Markovic Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional defenders prioritized access to AI tools built for that
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers Read More »
Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time 2026-04-15 at 10:02 By Mirko Zorz In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what it exposed about the fragility of global vulnerability disclosure
The exploit gap is closing, and your patch cycle wasn’t built for this 2026-04-15 at 10:02 By Mirko Zorz The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working exploit is shrinking fast. The briefing centers
The exploit gap is closing, and your patch cycle wasn’t built for this Read More »
Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab 2026-04-15 at 08:18 By Anamarija Pogorelec Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put them at risk. Legitify, an open-source tool from Legit Security, addresses that gap by scanning
Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab Read More »
Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian 2026-04-15 at 07:32 By Help Net Security AI coding assistants are quickly becoming part of everyday development. Tools like Cursor, Claude Code, and GitHub Copilot can now do more than suggest code. They can read files, run shell commands, and call external tools
Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian Read More »
Network segmentation projects fail in predictable patterns 2026-04-15 at 07:25 By Mirko Zorz Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed segmentation projects finds that failure clusters into four distinct patterns, and the type of failure
Network segmentation projects fail in predictable patterns Read More »
Microsoft ends desktop detour for sensitivity labels in Office web apps 2026-04-15 at 01:42 By Sinisa Markovic Microsoft is rolling out an update to Office for the web that removes a long-standing limitation around document protection, adding new control to browser-based apps. Specifying users in the Permissions dialog (Source: Microsoft) Users can now apply sensitivity
Microsoft ends desktop detour for sensitivity labels in Office web apps Read More »