Download: 2026 SANS Identity Threats & Defenses Survey 2026-03-31 at 16:05 By Help Net Security New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% reported MFA fatigue as a factor in identity attacks. Download the report to learn: Why identity […]
Download: 2026 SANS Identity Threats & Defenses Survey Read More »
Windows 11 gets a rebuilt console engine with regex search, Sixel images and a 10x speed boost 2026-03-31 at 16:05 By Anamarija Pogorelec Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a
Apple counters ClickFix attacks with macOS Terminal warning 2026-03-31 at 16:05 By Sinisa Markovic Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run malicious
Apple counters ClickFix attacks with macOS Terminal warning Read More »
Android developers just got a new verification layer 2026-03-31 at 15:43 By Anamarija Pogorelec To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company is also introducing app registration, which links apps to verified developer identities. Developers can still choose
Android developers just got a new verification layer Read More »
Axios npm packages backdoored in supply chain attack 2026-03-31 at 15:43 By Zeljka Zorz An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote access trojans.
Axios npm packages backdoored in supply chain attack Read More »
Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step 2026-03-31 at 15:43 By Sinisa Markovic The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a
Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step Read More »
Intel puts its data center performance knowledge on GitHub 2026-03-31 at 15:43 By Anamarija Pogorelec Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration recommendations, and optimization recipes that previously required hunting across forums and scattered documentation. The repository, called Optimization Zone,
Intel puts its data center performance knowledge on GitHub Read More »
Google Drive now detects ransomware and helps restore affected files 2026-03-31 at 12:46 By Anamarija Pogorelec To help organizations minimize the impact of malware attacks on personal computers, Google launched ransomware detection and file restoration in beta in September 2025. These features are now generally available. End user alert in Drive for desktop when ransomware
Google Drive now detects ransomware and helps restore affected files Read More »
Why I’m done calling humans the weakest link 2026-03-31 at 11:22 By Help Net Security Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners
Why I’m done calling humans the weakest link Read More »
The art of making technical risk make sense to executives 2026-03-31 at 11:21 By Help Net Security In this Help Net Security video, Jay Miller, CISO at Paessler, explains how security leaders can communicate technical risk to executives and board members in terms they understand. The focus is on business impact: financial loss, compliance fines,
The art of making technical risk make sense to executives Read More »
Cybersecurity jobs available right now: March 31, 2026 2026-03-31 at 07:37 By Anamarija Pogorelec Android Malware Research Director Alice | Israel | On-site – View job details As an Android Malware Research Director, you will establish operational processes, workflows, and quality standards for the team, while integrating the function into existing infrastructure. You will act
Cybersecurity jobs available right now: March 31, 2026 Read More »
Hottest cybersecurity open-source tools of the month: March 2026 2026-03-31 at 07:37 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses
Hottest cybersecurity open-source tools of the month: March 2026 Read More »
RSAC 2026 is back, and the certificate automation gap is impossible to ignore 2026-03-30 at 20:14 By Help Net Security RSAC 2026 Conference marked a return to form, more vibrant and better attended than any show I can recall over the past decade. The audience was distinctly international, with strong representation from North America, Europe
RSAC 2026 is back, and the certificate automation gap is impossible to ignore Read More »
TeamPCP’s attack spree slows, but threat escalates with ransomware pivot 2026-03-30 at 18:52 By Zeljka Zorz TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and there haven’t been reports of new open-source project compromises. Partnership with
TeamPCP’s attack spree slows, but threat escalates with ransomware pivot Read More »
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) 2026-03-30 at 15:37 By Zeljka Zorz A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and
Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) Read More »
Android 17 tweaks location privacy with one-time access 2026-03-30 at 14:26 By Anamarija Pogorelec Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety. Location button overview Android 17 introduces a new UI element called the
Android 17 tweaks location privacy with one-time access Read More »
Second data breach at European Commission this year leaves questions over resilience 2026-03-30 at 14:26 By Sinisa Markovic The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were
Second data breach at European Commission this year leaves questions over resilience Read More »
SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools 2026-03-30 at 10:37 By Anamarija Pogorelec Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00
SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools Read More »
Why risk alone doesn’t get you to yes 2026-03-30 at 09:29 By Help Net Security I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting
Why risk alone doesn’t get you to yes Read More »
ShipSec Studio brings open-source workflow orchestration to security operations 2026-03-30 at 08:04 By Anamarija Pogorelec Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that
ShipSec Studio brings open-source workflow orchestration to security operations Read More »