News

The AI backdoor your security stack is not built to see

The AI backdoor your security stack is not built to see 2026-05-18 at 09:42 By Sinisa Markovic Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious tokens, filter unusual characters, watch for prompt injection patterns. New research from […]

The AI backdoor your security stack is not built to see Read More »

AI shrinks vulnerability exploitation window to hours

AI shrinks vulnerability exploitation window to hours 2026-05-18 at 09:42 By Anamarija Pogorelec Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State of Vulnerabilities Report. Total vulnerabilities by severity (2022-2025) (Source: Synack) AI expands the attack surface Agentic AI systems that

AI shrinks vulnerability exploitation window to hours Read More »

Lyrie: Open-source autonomous pentesting agent

Lyrie: Open-source autonomous pentesting agent 2026-05-18 at 09:42 By Sinisa Markovic Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version

Lyrie: Open-source autonomous pentesting agent Read More »

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check 2026-05-18 at 08:02 By Anamarija Pogorelec McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check Read More »

When ransomware hits, confidence doesn’t restore endpoints

When ransomware hits, confidence doesn’t restore endpoints 2026-05-18 at 07:03 By Anamarija Pogorelec Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute

When ransomware hits, confidence doesn’t restore endpoints Read More »

Debian 13.5 point release lands with security fixes, bug patches

Debian 13.5 point release lands with security fixes, bug patches 2026-05-18 at 01:03 By Anamarija Pogorelec Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server

Debian 13.5 point release lands with security fixes, bug patches Read More »

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited 2026-05-17 at 14:40 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited Read More »

Google lets Workspace admins apply one policy across all SAML apps

Google lets Workspace admins apply one policy across all SAML apps 2026-05-15 at 16:07 By Sinisa Markovic Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on

Google lets Workspace admins apply one policy across all SAML apps Read More »

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) 2026-05-15 at 16:07 By Zeljka Zorz Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) Read More »

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) 2026-05-15 at 14:32 By Zeljka Zorz A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) Read More »

Thieves unlock stolen iPhones using cheap tools sold on Telegram

Thieves unlock stolen iPhones using cheap tools sold on Telegram 2026-05-15 at 14:32 By Sinisa Markovic Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with

Thieves unlock stolen iPhones using cheap tools sold on Telegram Read More »

Rocky Linux launches opt-in security repository for urgent fixes

Rocky Linux launches opt-in security repository for urgent fixes 2026-05-15 at 14:32 By Sinisa Markovic Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The

Rocky Linux launches opt-in security repository for urgent fixes Read More »

Deepfake detection is losing ground to generative models

Deepfake detection is losing ground to generative models 2026-05-15 at 09:04 By Sinisa Markovic Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic? Commercial detectors analyze pixels, frequencies, and biometric signals to answer that question, and the best of

Deepfake detection is losing ground to generative models Read More »

Zombie linkages are keeping expired domains trusted for years

Zombie linkages are keeping expired domains trusted for years 2026-05-15 at 08:24 By Sinisa Markovic Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long after control has changed. Researchers at USC and the University of Twente examined this problem in

Zombie linkages are keeping expired domains trusted for years Read More »

The AI oversight paradox: Is the investment worth the cost of watching it?

The AI oversight paradox: Is the investment worth the cost of watching it? 2026-05-15 at 07:30 By Anamarija Pogorelec Unlike in 2025, when AI adoption and testing drove business strategies, organizations in 2026 want proven ROI before committing budgets, according to a report by Globalization Partners. How global executives characterize their organization’s approach to AI

The AI oversight paradox: Is the investment worth the cost of watching it? Read More »

New infosec products of the week: May 15, 2026

New infosec products of the week: May 15, 2026 2026-05-15 at 07:00 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week Alation, Apricorn, Versa Networks, and TrustCloud. The questionnaire-based TPRM model is broken, and TrustCloud has a fix TrustCloud announced a new version of TrustLens, its third party risk

New infosec products of the week: May 15, 2026 Read More »

Microsoft turns Copilot Studio into an AI agent control center

Microsoft turns Copilot Studio into an AI agent control center 2026-05-14 at 18:25 By Anamarija Pogorelec The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experience, giving admins insight into each agent’s security and protection posture. Customers

Microsoft turns Copilot Studio into an AI agent control center Read More »

Microsoft’s WinUI agent plugin trims token use by over 70% during development

Microsoft’s WinUI agent plugin trims token use by over 70% during development 2026-05-14 at 18:25 By Sinisa Markovic Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent plugin ships one agent, eight

Microsoft’s WinUI agent plugin trims token use by over 70% during development Read More »

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) 2026-05-14 at 17:34 By Zeljka Zorz Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is in the same class of vulnerabilities as the recently disclosed Dirty Frag bug(s). Like

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) Read More »

AI cyber capability is speeding past earlier projections

AI cyber capability is speeding past earlier projections 2026-05-14 at 12:48 By Sinisa Markovic AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capability using “time horizon benchmarks”, which estimate how long AI systems can complete cybersecurity

AI cyber capability is speeding past earlier projections Read More »

Scroll to Top