News

Android 17 tweaks location privacy with one-time access

Android 17 tweaks location privacy with one-time access 2026-03-30 at 14:26 By Anamarija Pogorelec Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety. Location button overview Android 17 introduces a new UI element called the […]

Android 17 tweaks location privacy with one-time access Read More »

Second data breach at European Commission this year leaves questions over resilience

Second data breach at European Commission this year leaves questions over resilience 2026-03-30 at 14:26 By Sinisa Markovic The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were

Second data breach at European Commission this year leaves questions over resilience Read More »

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools 2026-03-30 at 10:37 By Anamarija Pogorelec Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools Read More »

Why risk alone doesn’t get you to yes

Why risk alone doesn’t get you to yes 2026-03-30 at 09:29 By Help Net Security I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting

Why risk alone doesn’t get you to yes Read More »

ShipSec Studio brings open-source workflow orchestration to security operations

ShipSec Studio brings open-source workflow orchestration to security operations 2026-03-30 at 08:04 By Anamarija Pogorelec Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that

ShipSec Studio brings open-source workflow orchestration to security operations Read More »

Don’t count on government guidance after a smart home breach

Don’t count on government guidance after a smart home breach 2026-03-30 at 07:30 By Sinisa Markovic People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are often unclear. Researchers reviewing government cybersecurity advice in 11 countries found that most guidance focuses on

Don’t count on government guidance after a smart home breach Read More »

Breaking out: Can AI agents escape their sandboxes?

Breaking out: Can AI agents escape their sandboxes? 2026-03-30 at 07:30 By Anamarija Pogorelec Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the host. The SandboxEscapeBench benchmark, developed by researchers at the University of Oxford

Breaking out: Can AI agents escape their sandboxes? Read More »

Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages

Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages 2026-03-29 at 18:17 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpins nearly every network connection

Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages Read More »

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) 2026-03-28 at 11:30 By Zeljka Zorz A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities

Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521) Read More »

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure 2026-03-27 at 20:33 By Anamarija Pogorelec Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise

AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure Read More »

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware 2026-03-27 at 15:46 By Zeljka Zorz TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Labs researchers,

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware Read More »

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation 2026-03-27 at 12:43 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently disclosed code injection vulnerability in Langflow, an open-source framework for building AI agents and

CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation Read More »

Ajax data breach exposed season tickets, supporter bans open to tampering

Ajax data breach exposed season tickets, supporter bans open to tampering 2026-03-27 at 12:15 By Sinisa Markovic AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email addresses of a few hundred people. The hack exploited vulnerabilities in Ajax’s app

Ajax data breach exposed season tickets, supporter bans open to tampering Read More »

Make OpenAI’s models misbehave and earn a reward

Make OpenAI’s models misbehave and earn a reward 2026-03-27 at 03:57 By Anamarija Pogorelec OpenAI’s public Safety Bug Bounty program focuses on AI abuse and safety risks across its products. The goal is to support safe and secure systems and reduce the risk of misuse that could lead to harm. This program complements the Security

Make OpenAI’s models misbehave and earn a reward Read More »

Top product launches at RSAC 2026

Top product launches at RSAC 2026 2026-03-27 at 03:57 By Mirko Zorz RSAC 2026 showcased a wave of innovation, with vendors unveiling technologies poised to redefine cybersecurity. From AI-powered defense to breakthroughs in identity protection, this year’s conference delivered a glimpse into the future. Here are the most interesting products that caught our attention, and

Top product launches at RSAC 2026 Read More »

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager 2026-03-27 at 01:05 By Anamarija Pogorelec Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant can now detect when a direct connection to Tor is restricted and

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager Read More »

Second RedLine infostealer operator ends up in US custody

Second RedLine infostealer operator ends up in US custody 2026-03-26 at 16:23 By Sinisa Markovic Hambardzum Minasyan, an Armenian man extradited to the United States, is accused of conspiring with others to develop and operate the RedLine infostealer malware used to steal sensitive data, including login credentials, from victims’ computers. Minasyan is charged with conspiracy

Second RedLine infostealer operator ends up in US custody Read More »

GitHub jumps on the bandwagon and will use your data to train AI

GitHub jumps on the bandwagon and will use your data to train AI 2026-03-26 at 15:52 By Anamarija Pogorelec GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users may be used to train and improve GitHub’s models unless users opt out.

GitHub jumps on the bandwagon and will use your data to train AI Read More »

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks 2026-03-26 at 15:52 By Zeljka Zorz Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them identify hard-to-detect implants used by the China-based group dubbed Red Menshen, Rapid7 researchers have

Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks Read More »

Mission to smuggle $170 million worth of AI tech to China collapsed for three men

Mission to smuggle $170 million worth of AI tech to China collapsed for three men 2026-03-26 at 15:52 By Sinisa Markovic Three individuals, Stanley Yi Zheng, Matthew Kelly, and Tommy Shad English, have been charged with conspiracy to commit smuggling and export control violations after allegedly attempting to procure millions of dollars’ worth of restricted

Mission to smuggle $170 million worth of AI tech to China collapsed for three men Read More »

Scroll to Top