News

Zero trust, zero buzzwords: Here’s what it means

Zero trust, zero buzzwords: Here’s what it means 2026-03-11 at 09:21 By Help Net Security In this Help Net Security video, Murat Balaban, CEO of Zenarmor, breaks down zero trust and zero trust network access (ZTNA) without the buzzwords. The video covers why this approach matters, including the risk of lateral movement after a breach […]

Zero trust, zero buzzwords: Here’s what it means Read More »

Cloud-audit: Fast, open-source AWS security scanner

Cloud-audit: Fast, open-source AWS security scanner 2026-03-11 at 09:21 By Mirko Zorz Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners that produce findings with no remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala, takes a narrower

Cloud-audit: Fast, open-source AWS security scanner Read More »

Software vulnerabilities push credential abuse aside in cloud intrusions

Software vulnerabilities push credential abuse aside in cloud intrusions 2026-03-11 at 07:17 By Sinisa Markovic Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident

Software vulnerabilities push credential abuse aside in cloud intrusions Read More »

Messenger can warn you about sketchy links without knowing what you clicked

Messenger can warn you about sketchy links without knowing what you clicked 2026-03-10 at 16:53 By Anamarija Pogorelec Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source:

Messenger can warn you about sketchy links without knowing what you clicked Read More »

HR, recruiters targeted in year-long malware campaign

HR, recruiters targeted in year-long malware campaign 2026-03-10 at 15:39 By Zeljka Zorz An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have

HR, recruiters targeted in year-long malware campaign Read More »

Microsoft flips Windows Autopatch to default hotpatch security updates

Microsoft flips Windows Autopatch to default hotpatch security updates 2026-03-10 at 15:32 By Sinisa Markovic Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is

Microsoft flips Windows Autopatch to default hotpatch security updates Read More »

Teen crew caught selling DDoS attack tools

Teen crew caught selling DDoS attack tools 2026-03-10 at 15:07 By Sinisa Markovic Seven minors who distributed online programs designed to facilitate DDoS attacks have been identified by Poland’s Central Bureau for Combating Cybercrime (CBZC). They were between 12 and 16 at the time of the crime. CBZC officer during a cybercrime investigation (Source: Poland’s

Teen crew caught selling DDoS attack tools Read More »

Phishing campaign spoofs local officials to steal permit fees

Phishing campaign spoofs local officials to steal permit fees 2026-03-10 at 13:01 By Sinisa Markovic The FBI is warning about a phishing scheme in which cybercriminals impersonate city and county officials to solicit fraudulent payments for planning and zoning permits. Criminals mine publicly available permit data to find likely targets and make their outreach appear

Phishing campaign spoofs local officials to steal permit fees Read More »

This spy tool has been quietly stealing data for years

This spy tool has been quietly stealing data for years 2026-03-10 at 13:00 By Help Net Security ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance

This spy tool has been quietly stealing data for years Read More »

Cybersecurity jobs available right now: March 10, 2026

Cybersecurity jobs available right now: March 10, 2026 2026-03-10 at 08:33 By Anamarija Pogorelec Associate Director Application Security BioNTech | Germany | On-site – View job details As an Associate Director Application Security, you will lead application security strategy, standardize security processes, and drive vulnerability management across development environments. You will enable secure-by-design practices through

Cybersecurity jobs available right now: March 10, 2026 Read More »

Bug bounties are broken, and the best security pros are moving on

Bug bounties are broken, and the best security pros are moving on 2026-03-10 at 08:33 By Anamarija Pogorelec Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and

Bug bounties are broken, and the best security pros are moving on Read More »

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming 2026-03-10 at 08:30 By Mirko Zorz Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming Read More »

The people behind cyber extortion are often in their forties

The people behind cyber extortion are often in their forties 2026-03-10 at 08:00 By Anamarija Pogorelec Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the pattern that emerges does not match the common assumption that cyber offenders are mostly very

The people behind cyber extortion are often in their forties Read More »

Russian hackers crack into officials’ Signal and WhatsApp accounts

Russian hackers crack into officials’ Signal and WhatsApp accounts 2026-03-09 at 17:02 By Sinisa Markovic Russian state hackers are trying to break into Signal and WhatsApp accounts used by diplomats, military staff, and government officials worldwide, Dutch intelligence agencies warned. They believe journalists and other people who attract attention from Moscow may also be affected.

Russian hackers crack into officials’ Signal and WhatsApp accounts Read More »

No more soft play, President Trump warns in new cyber strategy

No more soft play, President Trump warns in new cyber strategy 2026-03-09 at 15:37 By Sinisa Markovic The White House released “President Trump’s Cyber Strategy for America,” a policy framework outlining the administration’s priorities for maintaining U.S. leadership in cyberspace. The seven-page cyber strategy commits to a coordinated, government-wide response to cyber threats that extends

No more soft play, President Trump warns in new cyber strategy Read More »

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices 2026-03-09 at 13:50 By Anamarija Pogorelec OpenWrt 25.12.0 is now available for download. The release incorporates over 4,700 commits since branching from OpenWrt 24.10. Package manager changes One of the most significant structural changes in 25.12.0 is the replacement of the

OpenWrt 25.12.0 ships with new package manager, built-in upgrade tool, support for 2200+ devices Read More »

More AI tools, more burnout! New research explains why

More AI tools, more burnout! New research explains why 2026-03-09 at 12:58 By Anamarija Pogorelec Workflows built around multiple AI agents and constant tool switching are adding cognitive strain across large enterprises. A recent Harvard Business Review analysis describes this pattern as “AI brain fry,” a form of mental fatigue tied to intensive use and

More AI tools, more burnout! New research explains why Read More »

Fake Claude Code install pages highlight rise of “InstallFix” attacks

Fake Claude Code install pages highlight rise of “InstallFix” attacks 2026-03-09 at 12:58 By Zeljka Zorz Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting

Fake Claude Code install pages highlight rise of “InstallFix” attacks Read More »

Scroll to Top