News

Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities

Cisco, Don't miss, firewall, Hot stuff, News, SD-WAN, vulnerability /

Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities 2026-03-05 at 15:59 By Zeljka Zorz Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a bug in the Data Collection Agent (DCA) feature of […]

Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities Read More »

That attractive online ad might be a malware trap

ad, Malware, News, report, scams, The Media Trust, threats /

That attractive online ad might be a malware trap 2026-03-05 at 14:46 By Anamarija Pogorelec Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of People describes a digital ad ecosystem where scam campaigns, malicious redirects, and malware delivery appear alongside

That attractive online ad might be a malware trap Read More »

FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)

CVE, Don't miss, exploit, FreeScout, Hot stuff, News, open source, Ox Security, PoC, security update, vulnerability /

FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289) 2026-03-05 at 14:27 By Zeljka Zorz A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and

FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289) Read More »

Google changes Play Store policies after settling Epic Games dispute

Android, DevOps, Google, News /

Google changes Play Store policies after settling Epic Games dispute 2026-03-05 at 14:27 By Sinisa Markovic Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for developers, and a program for registered app stores. The rollout

Google changes Play Store policies after settling Epic Games dispute Read More »

LeakBase cybercrime forum with 142,000 users taken down in global operation

credentials, cybercrime, Europol, law enforcement, News /

LeakBase cybercrime forum with 142,000 users taken down in global operation 2026-03-05 at 11:09 By Anamarija Pogorelec LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law enforcement operation coordinated by Europol and involving authorities from 14 countries. Police in

LeakBase cybercrime forum with 142,000 users taken down in global operation Read More »

Authorities pull plug on Tycoon 2FA phishing-as-a-service platform

cybercrime, Europol, law enforcement, Microsoft, News, phishing /

Authorities pull plug on Tycoon 2FA phishing-as-a-service platform 2026-03-05 at 10:51 By Sinisa Markovic Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and cybersecurity partners. Takedown of the Tycoon 2FA phishing-as-a-service platform (Source: Europol) Active since August 2023, Tycoon 2FA

Authorities pull plug on Tycoon 2FA phishing-as-a-service platform Read More »

As AI agents start making purchases, security teams must rethink risk

agentic AI, Chargebacks911, Don't miss, enterprise, Features, fraud, Hot stuff, News, Privacy, procurement, risk /

As AI agents start making purchases, security teams must rethink risk 2026-03-05 at 08:17 By Zeljka Zorz In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic commerce,” where AI agents can autonomously make purchasing decisions on behalf of users or

As AI agents start making purchases, security teams must rethink risk Read More »

Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments

data security, Meta, News, Privacy /

Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments 2026-03-05 at 08:17 By Sinisa Markovic Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and

Workers reviewing Meta Ray-Ban footage encounter users’ intimate moments Read More »

Engineering trust: A security blueprint for autonomous AI agents

agentic AI, Artificial Intelligence, cybersecurity, Don't miss, framework, Google, Hot stuff, LLMs, News, opinion /

Engineering trust: A security blueprint for autonomous AI agents 2026-03-05 at 07:06 By Help Net Security AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lead for

Engineering trust: A security blueprint for autonomous AI agents Read More »

LevelBlue Named a Finalist for the 2026 SC Media Awards for Best Managed Security Service

Managed Security Services, News, Spotlights /

LevelBlue Named a Finalist for the 2026 SC Media Awards for Best Managed Security Service 2026-03-04 at 19:55 By LevelBlue is excited to announce that SC Media has selected us as a finalist for the 2026 SC Media Awards under the Best Managed Security Service category. This article is an excerpt from LevelBlue Blog View

LevelBlue Named a Finalist for the 2026 SC Media Awards for Best Managed Security Service Read More »

Google speeds up Chrome updates with new security-focused release cycle

Chrome, Google, News, update /

Google speeds up Chrome updates with new security-focused release cycle 2026-03-04 at 16:08 By Sinisa Markovic The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. The new schedule begins with the stable release of Chrome 153

Google speeds up Chrome updates with new security-focused release cycle Read More »

The vulnerability that turns your AI agent against you

agentic AI, Comet, News, Perplexity, vulnerability, Zenity /

The vulnerability that turns your AI agent against you 2026-03-04 at 16:08 By Help Net Security Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious

The vulnerability that turns your AI agent against you Read More »

Webinar: The True State of Security 2026

Don't miss, News, Storyblok, Whitepapers and webinars /

Webinar: The True State of Security 2026 2026-03-04 at 16:00 By Help Net Security AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, access, and security workflows that don’t scale. This webinar aims to reframe

Webinar: The True State of Security 2026 Read More »

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)

CVE, Don't miss, enterprise, Hot stuff, IceWarp, News, security update, Shadowserver, SMBs, vulnerability /

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) 2026-03-04 at 15:57 By Zeljka Zorz A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing

Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) Read More »

Immutable Linux distribution Nitrux 6.0.0 adds GPU passthrough, boot-level recovery, C++ update system

Linux, News, open source, operating system /

Immutable Linux distribution Nitrux 6.0.0 adds GPU passthrough, boot-level recovery, C++ update system 2026-03-04 at 09:38 By Anamarija Pogorelec Nitrux 6.0.0, released March 3, 2026, packages several components that security practitioners running Linux workstations will find worth examining: a new hypervisor orchestrator with IOMMU-enforced isolation, a rewritten update system with cryptographic verification, and a recovery

Immutable Linux distribution Nitrux 6.0.0 adds GPU passthrough, boot-level recovery, C++ update system Read More »

Cybersecurity professionals are burning out on extra hours every week

burnout, CISO, cybersecurity, Don't miss, News, security ROI, Seemplicity, skill development /

Cybersecurity professionals are burning out on extra hours every week 2026-03-04 at 08:30 By Mirko Zorz Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth

Cybersecurity professionals are burning out on extra hours every week Read More »

mquire: Open-source Linux memory forensics tool

computer forensics, cybersecurity, Don't miss, Incident Response, Linux, News, open source, rootkits, software, Trail of Bits /

mquire: Open-source Linux memory forensics tool 2026-03-04 at 08:22 By Anamarija Pogorelec Linux memory forensics has long depended on debug symbols tied to specific kernel versions. These symbols are not installed on production systems by default, and sourcing them from external repositories creates a recurring problem: repositories go stale, kernel builds diverge, and analysts working

mquire: Open-source Linux memory forensics tool Read More »

Why workforce identity is still a vulnerability, and what to do about it

1Kosmos, auditing, authentication, cybersecurity, Don't miss, Hot stuff, identity management, identity verification, News, opinion /

Why workforce identity is still a vulnerability, and what to do about it 2026-03-04 at 07:43 By Help Net Security Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secured.”

Why workforce identity is still a vulnerability, and what to do about it Read More »

Cybersecurity is now the price of admission for industrial AI

Artificial Intelligence, Cisco, critical infrastructure, cybersecurity, Don't miss, ICS/SCADA, News, report /

Cybersecurity is now the price of admission for industrial AI 2026-03-04 at 07:17 By Mirko Zorz Industrial organizations are accelerating AI deployment across manufacturing, utilities, and transportation and running straight into a security problem. Cisco’s 2026 State of Industrial AI Report, based on responses from more than 1,000 decision-makers across 19 countries, finds that cybersecurity

Cybersecurity is now the price of admission for industrial AI Read More »

Coruna: Spy-grade iOS exploit kit powering financial crime

CVE, cyber espionage, cybercrime, Don't miss, exploit kit, Google, Hot stuff, iOS, Mandiant, News, surveillance, vulnerability /

Coruna: Spy-grade iOS exploit kit powering financial crime 2026-03-03 at 21:02 By Zeljka Zorz A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-linked espionage campaigns and, ultimately, ended into the hands of financially motivated hackers, according to new research from Google’s

Coruna: Spy-grade iOS exploit kit powering financial crime Read More »

Scroll to Top