Passwords, MFA, and why neither is enough 2026-03-13 at 07:37 By Help Net Security Passwords weren’t enough, so we added MFA. Now MFA isn’t enough either. In this Help Net Security video, Karlo Zatylny, CTO/CISO at Portnox, walks through why each layer of identity security has failed and what comes next. SMS codes can be […]
Passwords, MFA, and why neither is enough Read More »
New infosec products of the week: March 13, 2026 2026-03-13 at 07:37 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Binary Defense, Mend.io, OPSWAT, Singulr AI, SOC Prime, Terra Security, and Vicarius. Singulr AI’s Agent Pulse delivers enforceable runtime governance and visibility for AI agents
New infosec products of the week: March 13, 2026 Read More »
€1 million online fraud scheme uncovered, three suspects arrested 2026-03-12 at 17:37 By Sinisa Markovic A criminal group suspected of running an online fraud scheme in Germany, which defrauded victims of around €1 million, has been dismantled through judicial cooperation coordinated by Eurojust. On 10 March, German and French authorities arrested three suspects in a
€1 million online fraud scheme uncovered, three suspects arrested Read More »
ENISA advisory examines package manager security risks 2026-03-12 at 15:24 By Anamarija Pogorelec Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside package managers extends software supply chains across large collections of external components. ENISA’s Technical Advisory for Secure Use
ENISA advisory examines package manager security risks Read More »
WhatsApp is giving parents peace of mind over their kids’ privacy 2026-03-12 at 15:08 By Sinisa Markovic WhatsApp has introduced parent-managed accounts designed for pre-teens, giving parents and guardians new controls over contacts, group participation, and how the app is used. These accounts are limited to messaging and calling and do not include access to
WhatsApp is giving parents peace of mind over their kids’ privacy Read More »
Stop fixing OT security with IT thinking 2026-03-12 at 08:35 By Mirko Zorz In this Help Net Security interview, Ejona Preçi, Group CISO at Lindal Group, discusses the specific cybersecurity challenges in manufacturing environments. The conversation covers why standard IT security practices break down on shop floors, where PLCs and decade-old firmware were never designed
Stop fixing OT security with IT thinking Read More »
Does Anthropic deserve the trust of the cybersecurity community? 2026-03-12 at 08:35 By Help Net Security The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when companies say they’re GDPR compliant, they really are. But
Does Anthropic deserve the trust of the cybersecurity community? Read More »
Agentic attack chains advance as infostealers flood criminal markets 2026-03-12 at 08:35 By Mirko Zorz Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data collected from criminal forums, illicit marketplaces, and underground chat services shows a threat environment where
Agentic attack chains advance as infostealers flood criminal markets Read More »
Wireless vulnerabilities are doubling every few years 2026-03-12 at 07:00 By Anamarija Pogorelec Wireless vulnerabilities are being disclosed at a rate that has no precedent in the fifteen-year history of systematic tracking. In 2025, researchers published 937 new wireless-related CVEs, an average of 2.5 per day, according to a threat report from Bastille Networks based
Wireless vulnerabilities are doubling every few years Read More »
ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites 2026-03-11 at 20:28 By Zeljka Zorz Salesforce customers have, once again, been targeted by the ShinyHunters group – or, at least, it’s what the group claims. Attackers modified and abused benign tool On Saturday, Saleforce confirmed that its security team has identified an attack campaign by
ShinyHunters claims new campaign targeting Salesforce Experience Cloud sites Read More »
Researchers uncover AI-powered vishing platform 2026-03-11 at 20:28 By Zeljka Zorz A vishing-as-a-service platform that helps scammers carry out so-called “press 1” scams is misusing text-to-speech (TTS) capabilities provided by AI voice technology company ElevenLabs, Mirage Security researchers claim. How “press 1” vishing scams work For “press 1” scams, fraudsters spoof phone numbers of trusted
Researchers uncover AI-powered vishing platform Read More »
Meta turns to AI to sniff out scams on Facebook, Messenger and WhatsApp 2026-03-11 at 18:31 By Anamarija Pogorelec Meta’s new tools on Facebook, Messenger, and WhatsApp protect users from scams. They use advanced AI systems to analyze text, images, and surrounding context and identify sophisticated scam patterns. Facebook alerts for suspicious friend requests (Source:
Meta turns to AI to sniff out scams on Facebook, Messenger and WhatsApp Read More »
Anthropic forms institute to study long-term AI risks facing society 2026-03-11 at 18:31 By Sinisa Markovic Anthropic has established the Anthropic Institute, a research unit focused on studying the societal effects of AI and informing policy responses to risks from more advanced systems. “In the five years since Anthropic began, AI progress has moved incredibly
Anthropic forms institute to study long-term AI risks facing society Read More »
Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited 2026-03-11 at 12:31 By Zeljka Zorz On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a
Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited Read More »
YouTube draws a line on deepfakes involving politicians and journalists 2026-03-11 at 12:00 By Sinisa Markovic With deepfakes becoming more common, YouTube has expanded access to its AI-driven likeness detection system to a pilot group of government officials, journalists and political candidates. The step follows an earlier rollout of the tool to creators in the
YouTube draws a line on deepfakes involving politicians and journalists Read More »
Cloud-audit: Fast, open-source AWS security scanner 2026-03-11 at 09:21 By Mirko Zorz Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners that produce findings with no remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala, takes a narrower
Cloud-audit: Fast, open-source AWS security scanner Read More »
Zero trust, zero buzzwords: Here’s what it means 2026-03-11 at 09:21 By Help Net Security In this Help Net Security video, Murat Balaban, CEO of Zenarmor, breaks down zero trust and zero trust network access (ZTNA) without the buzzwords. The video covers why this approach matters, including the risk of lateral movement after a breach
Zero trust, zero buzzwords: Here’s what it means Read More »
Software vulnerabilities push credential abuse aside in cloud intrusions 2026-03-11 at 07:17 By Sinisa Markovic Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident
Software vulnerabilities push credential abuse aside in cloud intrusions Read More »
Messenger can warn you about sketchy links without knowing what you clicked 2026-03-10 at 16:53 By Anamarija Pogorelec Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source:
Messenger can warn you about sketchy links without knowing what you clicked Read More »
HR, recruiters targeted in year-long malware campaign 2026-03-10 at 15:39 By Zeljka Zorz An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have
HR, recruiters targeted in year-long malware campaign Read More »