News

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test

AWS, Backblaze, Catchpoint, Cloud, cloud computing, Cloudflare, EU, networking, News, report, storage, USA /

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test 2026-04-03 at 01:25 By Anamarija Pogorelec Cloud storage buyers rarely get vendor-provided performance data that includes the vendor’s own weak spots. Backblaze’s Q1 2026 Performance Stats report, attempts to do exactly that, sharing benchmark results for Backblaze B2, AWS S3, Cloudflare R2, and […]

AWS, Wasabi, Cloudflare, and Backblaze go head-to-head in new cloud storage test Read More »

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support

Encryption, News, open source, OpenSSH, software, SSH /

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support 2026-04-02 at 18:58 By Anamarija Pogorelec OpenSSH 10.3 shipped carrying five security fixes alongside feature additions and a set of behavior changes that will break compatibility with older SSH implementations that do not support rekeying. Rekeying compatibility removed SSH clients and servers that lack

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support Read More »

Software supply chain hacks trigger wave of intrusions, data theft

data theft, Don't miss, extortion, Google Cloud, Hot stuff, Malware, Mandiant, News, ownCloud, Palo Alto Networks, supply chain compromise, Tenable, Wiz /

Software supply chain hacks trigger wave of intrusions, data theft 2026-04-02 at 18:58 By Zeljka Zorz After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply

Software supply chain hacks trigger wave of intrusions, data theft Read More »

DarkSword exploit forces Apple to loosen its patching policy

apple, cybercrime, data theft, iOS, News, security update /

DarkSword exploit forces Apple to loosen its patching policy 2026-04-02 at 14:46 By Sinisa Markovic Apple has extended security updates to a wider range of devices still running iOS 18, aiming to protect users from the DarkSword exploit kit. This is not the first time Apple has backported fixes for older devices based on vulnerability

DarkSword exploit forces Apple to loosen its patching policy Read More »

TrueConf zero-day vulnerability exploited to target government networks

Check Point, cyber espionage, Don't miss, Government, Malware, News, video conferencing /

TrueConf zero-day vulnerability exploited to target government networks 2026-04-02 at 12:02 By Sinisa Markovic Suspected China-nexus attackers have leveraged a zero-day vulnerability (CVE-2026-3502) in the TrueConf client application to distribute malware within government networks in Southeast Asia, Check Point researchers discovered. Malicious client update attack chain (Source: Check Point) Trusted update mechanism turned into attack

TrueConf zero-day vulnerability exploited to target government networks Read More »

Tracking drones with the 5G tower down the street

China, Don't miss, drones, hardware, News, research /

Tracking drones with the 5G tower down the street 2026-04-02 at 08:42 By Anamarija Pogorelec Drone detection in cities is expensive. Dedicated radar installations are cost-prohibitive at scale, cameras have limited range and stop working well at night, and LiDAR systems have the same cost problem as radar. A group of researchers at the University

Tracking drones with the 5G tower down the street Read More »

Trust, friction, and ROI: A CISO’s take on making security work for the business

CISO, Compliance, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, security ROI, strategy /

Trust, friction, and ROI: A CISO’s take on making security work for the business 2026-04-02 at 08:42 By Mirko Zorz In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A

Trust, friction, and ROI: A CISO’s take on making security work for the business Read More »

Microsoft adds high-volume email sending to Exchange Online

Microsoft, Microsoft Exchange, News /

Microsoft adds high-volume email sending to Exchange Online 2026-04-02 at 07:58 By Anamarija Pogorelec Organizations that rely on Exchange Online for internal communications have long needed a way to send large volumes of automated messages, such as payroll notifications, IT alerts, and security advisories, without running into the sending limits designed for person-to-person email. Microsoft

Microsoft adds high-volume email sending to Exchange Online Read More »

Your customer passed authentication. So why are they sending money to a scammer?

cybercrime, Feedzai, fraud, News, scams, Video /

Your customer passed authentication. So why are they sending money to a scammer? 2026-04-02 at 07:12 By Help Net Security In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as

Your customer passed authentication. So why are they sending money to a scammer? Read More »

Cybercriminals take aim at Hasbro, weeks of recovery ahead

breach, cybercrime, data breach, News /

Cybercriminals take aim at Hasbro, weeks of recovery ahead 2026-04-01 at 20:32 By Sinisa Markovic Hasbro, an American toy maker with more than 5,000 employees, confirmed a cyberattack and proactively took certain systems offline. The intrusion was detected on March 28, and the company promptly activated its incident response protocols. The company said the investigation

Cybercriminals take aim at Hasbro, weeks of recovery ahead Read More »

North Korean hackers linked to Axios npm supply chain compromise

Arctic Wolf Networks, backdoor, cybercrime, Don't miss, Google Cloud, Hot stuff, Mandiant, News, North Korea, supply chain attacks, supply chain compromise /

North Korean hackers linked to Axios npm supply chain compromise 2026-04-01 at 18:56 By Zeljka Zorz The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers. Links to UNC1069 On March 31, 2026,

North Korean hackers linked to Axios npm supply chain compromise Read More »

CIS Benchmarks March 2026 Update

Center for Internet Security, News, Whitepapers and webinars /

CIS Benchmarks March 2026 Update 2026-04-01 at 16:08 By Anamarija Pogorelec The following CIS Benchmarks and CIS Build Kits have been updated or recently released. The Center for Internet Security has highlighted the major updates below. Each Benchmark and Build Kit includes a changelog that references all changes. Updated CIS Benchmarks overview CIS Microsoft Windows

CIS Benchmarks March 2026 Update Read More »

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

0-day, Chrome, Don't miss, Hot stuff, Microsoft Edge, News, Vivaldi /

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281) 2026-04-01 at 14:31 By Zeljka Zorz Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, information about the fixed zero-day is limited, and there’s no details about the exploit (or how/if it’s

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281) Read More »

Mimecast makes enterprise email security deployable in minutes

CISO, cybersecurity, Don't miss, email security, Features, Hot stuff, Mimecast, News, opinion, RSAC 2026 /

Mimecast makes enterprise email security deployable in minutes 2026-04-01 at 10:34 By Mirko Zorz Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the

Mimecast makes enterprise email security deployable in minutes Read More »

Financial groups lay out a plan to fight AI identity attacks

Artificial Intelligence, authentication, deepfakes, Don't miss, financial industry, generative AI, Government, LLMs, News, report, USA /

Financial groups lay out a plan to fight AI identity attacks 2026-04-01 at 10:34 By Mirko Zorz Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the

Financial groups lay out a plan to fight AI identity attacks Read More »

Malware detectors trained on one dataset often stumble on another

cybersecurity, ENISA, machine learning, malware detection, News, research /

Malware detectors trained on one dataset often stumble on another 2026-04-01 at 07:05 By Anamarija Pogorelec Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases

Malware detectors trained on one dataset often stumble on another Read More »

Crypto industry may be running out of time to prepare for quantum attacks

Crypto, Cryptocurrency, cybersecurity, Google, News, quantum computing /

Crypto industry may be running out of time to prepare for quantum attacks 2026-03-31 at 22:44 By Sinisa Markovic Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google examines risks to elliptic curve cryptography, the system securing most blockchain networks. The researchers

Crypto industry may be running out of time to prepare for quantum attacks Read More »

Amazon sends AI agents into pen testing and DevOps

agentic AI, Artificial Intelligence, AWS, cybersecurity, DevSecOps, News /

Amazon sends AI agents into pen testing and DevOps 2026-03-31 at 20:31 By Sinisa Markovic Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to

Amazon sends AI agents into pen testing and DevOps Read More »

Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards

Cryptocurrency, cybercrime, law enforcement, News, scams, US DoJ, USA /

Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards 2026-03-31 at 17:42 By Sinisa Markovic US prosecutors have charged a Maryland man in connection with two hacks of the Uranium Finance cryptocurrency exchange that led to losses exceeding $50 million. Jonathan Spalletta, also known as “Cthulhon” and “Jspalletta,” is

Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards Read More »

Scroll to Top