News

Reddit declares war on bad bot activity

Reddit declares war on bad bot activity 2026-03-26 at 13:32 By Anamarija Pogorelec Reddit is introducing changes to support interactions between people. The company is taking a bottom-up approach to help users understand when they are engaging with another person unless an account is labeled otherwise. Reddit plans to verify that users are human without […]

Reddit declares war on bad bot activity Read More »

AI SOC vendors are selling a future that production deployments haven’t reached yet

AI SOC vendors are selling a future that production deployments haven’t reached yet 2026-03-26 at 12:32 By Mirko Zorz Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in analyst workload, and an accelerating path toward humanless operations. Practitioners buying and deploying those

AI SOC vendors are selling a future that production deployments haven’t reached yet Read More »

Your facilities run on fragile supply chains and nobody wants to admit it

Your facilities run on fragile supply chains and nobody wants to admit it 2026-03-26 at 12:32 By Mirko Zorz In this Help Net Security interview, Christa Dodoo, Global Chair at IFMA, discusses how facility managers are managing supply chain risk in critical building systems. She explains how sourcing, localized redundancy, and flexible infrastructure design are

Your facilities run on fragile supply chains and nobody wants to admit it Read More »

A nearly undetectable LLM attack needs only a handful of poisoned samples

A nearly undetectable LLM attack needs only a handful of poisoned samples 2026-03-26 at 12:32 By Mirko Zorz Prompt engineering has become a standard part of how large language models are deployed in production, and it introduces an attack surface most organizations have not yet addressed. Researchers have developed and tested a prompt-based backdoor attack

A nearly undetectable LLM attack needs only a handful of poisoned samples Read More »

Google races to secure encryption before quantum threats arrive

Google races to secure encryption before quantum threats arrive 2026-03-26 at 12:07 By Sinisa Markovic Google is preparing for the quantum era, a turning point in digital security, with a 2029 timeline for post-quantum cryptography (PQC) migration. Security professionals warn that current encryption could be broken by large-scale quantum computers in the coming years. This

Google races to secure encryption before quantum threats arrive Read More »

Who owns AI agent access? At most companies, nobody knows

Who owns AI agent access? At most companies, nobody knows 2026-03-26 at 07:12 By Anamarija Pogorelec AI agents are operating across production enterprise environments at scale, and the identity infrastructure managing their access has not kept up with their deployment. A January 2026 survey of 228 IT and security professionals, conducted by the Cloud Security

Who owns AI agent access? At most companies, nobody knows Read More »

Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars

Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars 2026-03-25 at 17:13 By Sinisa Markovic A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of U.S. companies. The judge also imposed a $100,000 fine and

Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars Read More »

Gemini picks up criminal activity buried in dark web noise

Gemini picks up criminal activity buried in dark web noise 2026-03-25 at 15:07 By Sinisa Markovic To help teams make faster and more accurate decisions on emerging threats, Google has introduced a dark web intelligence capability in Google Threat Intelligence. Powered by Gemini, the feature analyzes millions of dark web events each day and surfaces

Gemini picks up criminal activity buried in dark web noise Read More »

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks 2026-03-25 at 14:01 By Zeljka Zorz A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in late 2025. The latest victim of the group is BerryAI’s popular

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks Read More »

Microsoft hands Entra ID users new option for MFA

Microsoft hands Entra ID users new option for MFA 2026-03-25 at 12:46 By Anamarija Pogorelec Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, expanding support for third-party identity providers. Configure external MFA in Microsoft Entra ID (Source:

Microsoft hands Entra ID users new option for MFA Read More »

Anthropic cuts action approval loop, lets Claude Code make the call

Anthropic cuts action approval loop, lets Claude Code make the call 2026-03-25 at 11:06 By Sinisa Markovic Auto mode is a new permissions feature in the Claude Code system that allows the AI to make approval decisions on a user’s behalf while safeguards review actions before execution. The feature is available on Team plans and

Anthropic cuts action approval loop, lets Claude Code make the call Read More »

Google’s TurboQuant cuts AI memory use without losing accuracy

Google’s TurboQuant cuts AI memory use without losing accuracy 2026-03-25 at 10:24 By Anamarija Pogorelec Large language models carry a persistent scaling problem. As context windows grow, the memory required to store key-value (KV) caches expands proportionally, consuming GPU memory and slowing inference. A team at Google Research has developed three compression algorithms: TurboQuant, PolarQuant,

Google’s TurboQuant cuts AI memory use without losing accuracy Read More »

You don’t have to choose between BAS or automated pentesting, you shouldn’t

You don’t have to choose between BAS or automated pentesting, you shouldn’t 2026-03-25 at 08:07 By Help Net Security There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack simulation (BAS) or automated penetration testing (APT)? Security vendors

You don’t have to choose between BAS or automated pentesting, you shouldn’t Read More »

Why your phishing simulations aren’t building a security culture

Why your phishing simulations aren’t building a security culture 2026-03-25 at 08:07 By Help Net Security Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training videos and quarterly phishing tests happen in calm, controlled settings that tell us nothing

Why your phishing simulations aren’t building a security culture Read More »

Your security stack looks fine from the dashboard and that’s the problem

Your security stack looks fine from the dashboard and that’s the problem 2026-03-25 at 08:07 By Anamarija Pogorelec One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilience

Your security stack looks fine from the dashboard and that’s the problem Read More »

Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18

Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18 2026-03-25 at 08:07 By Anamarija Pogorelec Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, eight tools added to the network repositories, a kernel

Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18 Read More »

LevelBlue and SentinelOne: Advancing Integrated, Intelligence‑Driven Security Operations

LevelBlue and SentinelOne: Advancing Integrated, Intelligence‑Driven Security Operations 2026-03-24 at 19:53 By Bob McCullen Today, I’m excited to share news that represents a major step forward in how LevelBlue helps organizations strengthen their resilience and modernize their security operations. LevelBlue and SentinelOne have entered into a strategic global partnership to deliver integrated, intelligence‑driven security operations

LevelBlue and SentinelOne: Advancing Integrated, Intelligence‑Driven Security Operations Read More »

Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months

Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months 2026-03-24 at 19:53 By Sinisa Markovic A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 million in intended losses, after being arrested

Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months Read More »

Uncle Sam closes the door on all new foreign-made routers

Uncle Sam closes the door on all new foreign-made routers 2026-03-24 at 17:04 By Sinisa Markovic The US Federal Communications Commission (FCC) has imposed a ban on all new routers manufactured overseas being imported into and sold within the United States. The post Uncle Sam closes the door on all new foreign-made routers appeared first

Uncle Sam closes the door on all new foreign-made routers Read More »

The AI safety conversation is focused on the wrong layer

The AI safety conversation is focused on the wrong layer 2026-03-24 at 16:30 By Mirko Zorz Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that fragmentation was manageable. Humans log in, log out, and make decisions slowly enough that gaps

The AI safety conversation is focused on the wrong layer Read More »

Scroll to Top