Fraudsters integrate ChatGPT into global scam campaigns 2026-02-26 at 19:37 By Anamarija Pogorelec AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI’s Disrupting Malicious Uses of Our Models report details how ChatGPT and related API access were used in romance scams, fake legal […]
Fraudsters integrate ChatGPT into global scam campaigns Read More »
Scattered Lapsus$ Hunters seeks women for vishing attacks 2026-02-26 at 14:55 By Zeljka Zorz The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising
Scattered Lapsus$ Hunters seeks women for vishing attacks Read More »
Samsung’s Galaxy S26 turns privacy into a visible and invisible feature 2026-02-26 at 12:27 By Sinisa Markovic The Samsung Galaxy S26 series is out, offering plenty of security features that protect personal data while providing users with transparency and control over how their information is used. The feature that grabbed the spotlight is the built-in
Samsung’s Galaxy S26 turns privacy into a visible and invisible feature Read More »
Wireshark 4.6.4 resolves dissector flaws, plugin compatibility issue 2026-02-26 at 10:49 By Anamarija Pogorelec Packet inspection remains a routine activity across enterprise networks, incident response workflows, and malware investigations. Continuous use places long-term stability and parsing accuracy at the center of daily operations. Wireshark version 4.6.4 addresses two vulnerabilities affecting protocol dissectors and resolves a
Wireshark 4.6.4 resolves dissector flaws, plugin compatibility issue Read More »
The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one
The $19.5 million insider risk problem Read More »
Open-source security debt grows across commercial software 2026-02-26 at 08:36 By Mirko Zorz Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk Analysis Report data shows that nearly all audited codebases contain open source components, with average component counts
Open-source security debt grows across commercial software Read More »
Review: Digital Forensics, Investigation, and Response, 5th Edition 2026-02-26 at 08:01 By Mirko Zorz Digital Forensics, Investigation, and Response, 5th Edition presents a structured survey of the digital forensics discipline. The book spans foundational principles, platform specific analysis, specialized branches, and incident response integration. About the author Chuck Easttom has many years of practical experience
Review: Digital Forensics, Investigation, and Response, 5th Edition Read More »
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities 2026-02-26 at 07:35 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities Read More »
Hottest cybersecurity open-source tools of the month: February 2026 2026-02-26 at 07:07 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: Open-source secure file upload scanning for Node.js Software teams building services in JavaScript are adding more layers of defense to handle
Hottest cybersecurity open-source tools of the month: February 2026 Read More »
Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) 2026-02-25 at 19:04 By Zeljka Zorz A “highly sophisticated” cyber threat actor has been exploiting a zero-day authentication bypass vulnerability (CVE-2026-20127) in Cisco Catalyst SD-WAN Controller (formerly vSmart), Cisco has announced today. The vulnerability was reported by Australian Signals Directorate’s Australian Cyber Security Centre, who said
Threat actor leveraged Cisco SD-WAN zero-day since 2023 (CVE-2026-20127) Read More »
Fake Zoom meeting leads to silent install of surveillance software 2026-02-25 at 18:16 By Zeljka Zorz Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12
Fake Zoom meeting leads to silent install of surveillance software Read More »
Anthropic’s Remote Control feature brings Claude Code to mobile devices 2026-02-25 at 14:39 By Sinisa Markovic Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The feature is rolling out as a research preview to Max users.
Anthropic’s Remote Control feature brings Claude Code to mobile devices Read More »
SolarWinds Serv-U hit by four critical RCE-level vulnerabilities 2026-02-25 at 13:55 By Zeljka Zorz SolarWinds has fixed four critical vulnerabilities in its popular Serv-U file transfer solution, which is used by businesses and organizations of all sizes. If exploited, the flaws may allow attackers to create a system admin user and/or execute code as a
SolarWinds Serv-U hit by four critical RCE-level vulnerabilities Read More »
Reddit fined $19.5 million for failing to protect children’s personal data 2026-02-25 at 13:38 By Anamarija Pogorelec The UK’s Information Commissioner’s Office (ICO) has fined Reddit $19.5 million after finding that the company failed to use children’s personal information lawfully, exposing them to inappropriate and harmful content. The investigation found that Reddit did not apply
Reddit fined $19.5 million for failing to protect children’s personal data Read More »
Ex-L3Harris executive sentenced to 87 months for selling stolen cyber-exploit trade secrets 2026-02-25 at 12:15 By Sinisa Markovic Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has been sentenced to 87 months in prison by a federal judge in Washington, D.C., after pleading guilty to stealing and selling sensitive cyber-exploit trade secrets to
CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) 2026-02-25 at 12:14 By Zeljka Zorz CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused
CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108) Read More »
Cyber valuations climb as capital concentrates, AI security expands 2026-02-25 at 08:59 By Sinisa Markovic Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into
Cyber valuations climb as capital concentrates, AI security expands Read More »
Microsoft adds domain libraries and Copilot integration to the quantum development kit 2026-02-25 at 08:05 By Anamarija Pogorelec The Microsoft Quantum Development Kit (QDK) is an open-source toolkit that runs on laptops and in common development environments. It includes code, simulators, libraries, and workflows that work with Visual Studio Code and GitHub Copilot. Integration with
Microsoft adds domain libraries and Copilot integration to the quantum development kit Read More »
Airline brands become launchpads for phishing, crypto fraud 2026-02-25 at 08:05 By Sinisa Markovic Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike domains tied to these brands, targeting travelers, employees, and business partners. Recent threat intelligence from BforeAI’s
Airline brands become launchpads for phishing, crypto fraud Read More »
Edge systems take the brunt of internet-wide exploitation attempts 2026-02-25 at 07:18 By Anamarija Pogorelec Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across
Edge systems take the brunt of internet-wide exploitation attempts Read More »