News

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support

Encryption, News, open source, OpenSSL, software /

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support 2026-04-14 at 18:57 By Anamarija Pogorelec OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older versions. SSLv3, SSLv2 client hello, and engines are gone SSLv3 support has been […]

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support Read More »

Testing reveals Claude Mythos’s offensive capabilities and limits

AI, Anthropic, Artificial Intelligence, Cloud Security Alliance, cybersecurity, Don't miss, enterprise, Hot stuff, News, security testing, SMBs, tips /

Testing reveals Claude Mythos’s offensive capabilities and limits 2026-04-14 at 18:15 By Zeljka Zorz Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successfully engage in capture-the-flag (CTF) challenges and multi-step attack scenarios, and found that that

Testing reveals Claude Mythos’s offensive capabilities and limits Read More »

W3LL phishing service sold for $500 dismantled by the FBI

cybercrime, FBI, law enforcement, News, phishing /

W3LL phishing service sold for $500 dismantled by the FBI 2026-04-14 at 18:15 By Sinisa Markovic The W3LL phishing kit, a cybercrime tool used to impersonate legitimate login pages and steal usernames and passwords, has been dismantled by the FBI and Indonesian law enforcement authorities. Officials estimate the operation was tied to more than $20

W3LL phishing service sold for $500 dismantled by the FBI Read More »

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend

News, open source, software /

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend 2026-04-14 at 16:21 By Anamarija Pogorelec Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a regex vulnerability, adjusts OAuth redirect handling to match

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend Read More »

Basic-Fit hack compromises data of up to 1 million members

breach, cybercrime, data breach, EU, News /

Basic-Fit hack compromises data of up to 1 million members 2026-04-14 at 16:21 By Sinisa Markovic Basic-Fit, a European gym chain, disclosed that hackers breached one of its internal systems, exposing members’ personal data in several countries. The company operates more than 2,150 clubs in 12 countries under two brands, with more than 5.8 million

Basic-Fit hack compromises data of up to 1 million members Read More »

Booking.com data breach: Customer reservation data exposed

data breach, data theft, Don't miss, Hot stuff, News, phishing, scams, Talion, travel industry /

Booking.com data breach: Customer reservation data exposed 2026-04-14 at 16:21 By Zeljka Zorz “Unauthorized third parties may have been able to access certain booking information associated with your reservation,” email alerts sent out by Booking.com over the weekend warn. The online travel agency did not say which system(s) were accessed by the unauthorized third parties

Booking.com data breach: Customer reservation data exposed Read More »

Google to penalize sites that hijack the back button

Google, Google Search, News, policy, spam /

Google to penalize sites that hijack the back button 2026-04-14 at 13:32 By Anamarija Pogorelec Google is broadening its spam policies to crack down on “back button hijacking,” a deceptive practice where websites interfere with browser navigation, blocking users from returning to the page they came from. Instead, users are usually redirected to pages they

Google to penalize sites that hijack the back button Read More »

AI adoption is outpacing the safeguards around it

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, Incident Response, News, report, Risk Management /

AI adoption is outpacing the safeguards around it 2026-04-14 at 12:59 By Anamarija Pogorelec AI is becoming part of professional and private life, reaching mainstream adoption faster than the personal computer or the internet. These systems are tested in reasoning, safety, and real-world tasks, but the reliability of those measurements remains uncertain. The 2026 AI

AI adoption is outpacing the safeguards around it Read More »

Review: The Psychology of Information Security

Compliance, cyber risk, cybersecurity, Don't miss, News, opinion, Review, Reviews, Risk Management /

Review: The Psychology of Information Security 2026-04-14 at 09:15 By Mirko Zorz Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change

Review: The Psychology of Information Security Read More »

Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready

agentic AI, Artificial Intelligence, Cisco, Claude Code, cybersecurity, Don't miss, Features, Hot stuff, News, opinion /

Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready 2026-04-14 at 09:15 By Mirko Zorz In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an attack surface. Habler walks through MemoryTrap, a disclosed

Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready Read More »

29 million leaked secrets in 2025: Why AI agents credentials are out of control

Artificial Intelligence, authentication, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, GitGuardian, Hot stuff, News, opinion /

29 million leaked secrets in 2025: Why AI agents credentials are out of control 2026-04-14 at 08:11 By Help Net Security AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of external services. Every integration point requires an identity. Most

29 million leaked secrets in 2025: Why AI agents credentials are out of control Read More »

Zero trust at year two: What nobody planned for

CISO, cybersecurity, News, Oleria, strategy, tips, Video, zero trust /

Zero trust at year two: What nobody planned for 2026-04-14 at 08:11 By Help Net Security In this Help Net Security video, Jim Alkove, CEO of Oleria, walks through where zero trust programs typically stand one to two years in. Most organizations have made gains in endpoint security and network segmentation, but identity remains the

Zero trust at year two: What nobody planned for Read More »

Cybersecurity jobs available right now: April 14, 2026

cybersecurity jobs, News /

Cybersecurity jobs available right now: April 14, 2026 2026-04-14 at 07:03 By Anamarija Pogorelec Cyber Security Engineer/Application Security Specialist Tecnots | India | On-site – View job details As a Cyber Security Engineer/Application Security Specialist, you will integrate security into the SDLC, perform application security reviews, and support secure APIs, authentication, and data protection. You

Cybersecurity jobs available right now: April 14, 2026 Read More »

Hackers hijacked CPUID downloads, served STX RAT to victims

data theft, Don't miss, Hot stuff, Kaspersky, Malware, News, Remote Access Trojan, Windows /

Hackers hijacked CPUID downloads, served STX RAT to victims 2026-04-13 at 16:08 By Zeljka Zorz If you tried to download software from CPUID’s website late last week, you might have downloaded malware instead. “Investigations are still ongoing, but it appears that a secondary feature (basically a side API) was compromised for approximately six hours between

Hackers hijacked CPUID downloads, served STX RAT to victims Read More »

Rockstar Games receives “pay or leak” warning after cyberattack

data breach, Data leak, News, online gaming /

Rockstar Games receives “pay or leak” warning after cyberattack 2026-04-13 at 15:44 By Anamarija Pogorelec Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it accessed the company’s Snowflake environment and obtained data. The attackers exploited Anodot, a

Rockstar Games receives “pay or leak” warning after cyberattack Read More »

$12 million frozen, 20,000 victims identified in crypto scam crackdown

Cryptocurrency, cybercrime, fraud, National Crime Agency, News /

$12 million frozen, 20,000 victims identified in crypto scam crackdown 2026-04-13 at 15:44 By Sinisa Markovic More than $12 million has been frozen, and over 20,000 victims have been identified in an international law enforcement operation targeting cryptocurrency and investment scammers. Authorities also uncovered more than $45 million in suspected cryptocurrency fraud losses worldwide. One

$12 million frozen, 20,000 victims identified in crypto scam crackdown Read More »

Google makes it harder to exploit Pixel 10 modem firmware

cybersecurity, firmware, Google, mobile devices, News /

Google makes it harder to exploit Pixel 10 modem firmware 2026-04-13 at 15:44 By Sinisa Markovic Google is working to improve the security of Pixel phones by focusing on the cellular baseband modem, a part of the device that handles communication with mobile networks and processes external data. In the Pixel 9, the company introduced

Google makes it harder to exploit Pixel 10 modem firmware Read More »

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621)

0-day, Adobe, Adobe Reader, Don't miss, Expmon, Hot stuff, News, PDF /

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) 2026-04-13 at 13:22 By Zeljka Zorz Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type

Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) Read More »

Seized VerifTools servers expose 915,655 fake IDs, 8 arrested

cybercrime, cybersecurity, EU, fraud, identity, law enforcement, News /

Seized VerifTools servers expose 915,655 fake IDs, 8 arrested 2026-04-13 at 13:22 By Anamarija Pogorelec On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud,

Seized VerifTools servers expose 915,655 fake IDs, 8 arrested Read More »

ZeroID: Open-source identity platform for autonomous AI agents

agentic AI, Artificial Intelligence, Don't miss, GitHub, Highflame, Hot stuff, News, open source, software /

ZeroID: Open-source identity platform for autonomous AI agents 2026-04-13 at 09:02 By Mirko Zorz ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to carry

ZeroID: Open-source identity platform for autonomous AI agents Read More »

Scroll to Top