News

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys

authentication, Microsoft, Microsoft Entra ID, News, passkeys /

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys 2026-01-26 at 10:52 By Sinisa Markovic Starting March 2026, Microsoft Entra ID will automatically enable passkey profiles and introduce support for synced passkeys. Passkey profiles move into general availability The update brings passkey profiles and synced passkeys into general availability. Administrators gain access to a new […]

Microsoft Entra ID will auto-enable passkey profiles, synced passkeys Read More »

Brakeman: Open-source vulnerability scanner for Ruby on Rails applications

Don't miss, GitHub, News, open source, Ruby, scanner, scanning, software /

Brakeman: Open-source vulnerability scanner for Ruby on Rails applications 2026-01-26 at 08:00 By Anamarija Pogorelec Brakeman is an open-source security scanner used by teams that build applications with Ruby on Rails. The tool focuses on application code and configuration, giving developers and security teams a way to identify common classes of web application risk during

Brakeman: Open-source vulnerability scanner for Ruby on Rails applications Read More »

Incident response lessons learned the hard way

ConnectSecure, cybersecurity, Don't miss, Incident Response, News, strategy, Video /

Incident response lessons learned the hard way 2026-01-26 at 07:36 By Help Net Security In this Help Net Security video, Ryan Seymour, VP, Consulting and Education at ConnectSecure, shares lessons from more than two decades in cybersecurity incident response. He explains why many response failures are set in motion long before an attack begins. The

Incident response lessons learned the hard way Read More »

AWS releases updated PCI PIN compliance report for payment cryptography

AWS, Coalfire, Compliance, News, PCI, PCI DSS /

AWS releases updated PCI PIN compliance report for payment cryptography 2026-01-26 at 07:05 By Anamarija Pogorelec Amazon Web Services has published an updated Payment Card Industry Personal Identification Number (PCI PIN) compliance package for its AWS Payment Cryptography service, confirming a recent third-party audit of the platform. The report package is now accessible through AWS’s

AWS releases updated PCI PIN compliance report for payment cryptography Read More »

Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw

News, Week in review /

Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw 2026-01-25 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: AI Strategy and Security AI Strategy and Security is a guide for organizations planning enterprise AI programs.

Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw Read More »

Okta users under attack: Modern phishing kits are turbocharging vishing attacks

attack tools, Don't miss, Google, Hot stuff, Microsoft 365, News, Okta, vishing /

Okta users under attack: Modern phishing kits are turbocharging vishing attacks 2026-01-23 at 15:31 By Zeljka Zorz Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing attackers to control the authentication flow in a targeted user’s browser in real-time. At least

Okta users under attack: Modern phishing kits are turbocharging vishing attacks Read More »

1Password targets AI-driven phishing with built-in prevention

1Password, News, phishing /

1Password targets AI-driven phishing with built-in prevention 2026-01-23 at 15:31 By Anamarija Pogorelec To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share passwords with scammers. How 1Password phishing prevention works When a user clicks a link whose

1Password targets AI-driven phishing with built-in prevention Read More »

Raspberry Pi now offers a branded USB flash drive, starts at $30

hardware, News, Raspberry Pi /

Raspberry Pi now offers a branded USB flash drive, starts at $30 2026-01-23 at 12:17 By Sinisa Markovic Raspberry Pi has launched a USB flash drive optimized for use across its lineup of single-board computers. The drive is offered in two capacities, with the 128GB model priced at $30 and the 256GB version at $55.

Raspberry Pi now offers a branded USB flash drive, starts at $30 Read More »

Ring now lets users verify whether videos have been altered

hardware, News, Ring, security cameras /

Ring now lets users verify whether videos have been altered 2026-01-23 at 12:17 By Anamarija Pogorelec To give users peace of mind, Ring has introduced a new content authenticity feature that allows them to verify whether a Ring video has been edited or altered. Ring Verify adds a digital security seal that breaks if the

Ring now lets users verify whether videos have been altered Read More »

One-time SMS links that never expire are exposing personal data for years

data security, Don't miss, Features, Group-IB, News, Palo Alto Networks, Privacy, Proofpoint, research, Sekoia.io /

One-time SMS links that never expire are exposing personal data for years 2026-01-23 at 08:47 By Sinisa Markovic Online services often treat one-time links sent by text message as low-risk conveniences. A new study shows that these links can expose large amounts of personal data for years. Malicious URLs continue to shift from email to

One-time SMS links that never expire are exposing personal data for years Read More »

More employees get AI tools, fewer rely on them at work

agentic AI, Artificial Intelligence, Deloitte, Don't miss, Kovant, News, report /

More employees get AI tools, fewer rely on them at work 2026-01-23 at 08:03 By Mirko Zorz People across many organizations now have access to AI tools, and usage keeps spreading. Some groups rely on AI during regular work, others treat it as an occasional helper. That gap between access and routine use sits at

More employees get AI tools, fewer rely on them at work Read More »

Agentic AI edges closer to everyday production use

agentic AI, Artificial Intelligence, Dynatrace, News, report /

Agentic AI edges closer to everyday production use 2026-01-23 at 07:31 By Anamarija Pogorelec Many security and operations teams now spend less time asking whether agentic AI belongs in production and more time working out how to run it safely at scale. A new Dynatrace research report looks at how large organizations are moving agentic

Agentic AI edges closer to everyday production use Read More »

Microsoft introduces winapp, an open-source CLI for building Windows apps

GitHub, Microsoft, News, open source, software, Windows /

Microsoft introduces winapp, an open-source CLI for building Windows apps 2026-01-23 at 07:24 By Anamarija Pogorelec Microsoft has released winapp, a new command line interface aimed at simplifying the process of building Windows applications. The open-source tool targets developers who rely on terminal based workflows and want a consistent way to create, configure, and manage

Microsoft introduces winapp, an open-source CLI for building Windows apps Read More »

New infosec products of the week: January 23, 2026

cside, News, Obsidian Security, Rubrik, SEON, Vectra AI /

New infosec products of the week: January 23, 2026 2026-01-23 at 07:04 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from cside, Obsidian Security, Rubrik, SEON, and Vectra AI. cside targets hidden website privacy violations with Privacy Watch cside announced the launch of Privacy Watch. The

New infosec products of the week: January 23, 2026 Read More »

Energy sector orgs targeted with AiTM phishing campaign

Don't miss, energy sector, Hot stuff, Microsoft, MITM, News, phishing, SharePoint /

Energy sector orgs targeted with AiTM phishing campaign 2026-01-22 at 15:19 By Zeljka Zorz Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started with phishing emails with “NEW PROPOSAL – NDA” in the subject line, coming from a compromised email

Energy sector orgs targeted with AiTM phishing campaign Read More »

Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026

hacking contest, News, Pwn2Own, Trend Micro, vulnerability disclosure /

Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026 2026-01-22 at 13:11 By Sinisa Markovic Security researchers uncovered 37 previously unknown vulnerabilities on the opening day of Pwn2Own Automotive 2026, earning a combined $516,500 in prize money, according to results released by Trend Micro’s Zero Day Initiative. The Master of Pwn

Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026 Read More »

OpenWrt One gains support for running Debian

Debian, hardware, Linux, News, open source, OpenWRT /

OpenWrt One gains support for running Debian 2026-01-22 at 12:59 By Anamarija Pogorelec Debian now runs on the OpenWrt One hardware platform following recent engineering work by Collabora. OpenWrt One is a developer focused router designed to support embedded Linux work on standardized hardware. The platform serves as a reference device for the OpenWrt community

OpenWrt One gains support for running Debian Read More »

Exposed training apps are showing up in active cloud attacks

cloud security, cybersecurity, Don't miss, misconfiguration, News, Pentera, report /

Exposed training apps are showing up in active cloud attacks 2026-01-22 at 09:06 By Sinisa Markovic Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left exposed on the public internet and actively exploited. The research focuses on intentionally vulnerable

Exposed training apps are showing up in active cloud attacks Read More »

Unbounded AI use can break your systems

access control, Artificial Intelligence, code, cybersecurity, Don't miss, DryRun Security, LLMs, News, Video /

Unbounded AI use can break your systems 2026-01-22 at 08:01 By Help Net Security In this Help Net Security video, James Wickett, CEO of DryRun Security, explains cyber risks many teams underestimate as they add AI to products. He focuses on how fast LLM features are pushed into live applications without limits or guardrails. The

Unbounded AI use can break your systems Read More »

The internet’s oldest trust mechanism is still one of its weakest links

Artificial Intelligence, authentication, CSC, cybersecurity, DNS, News, report, security controls /

The internet’s oldest trust mechanism is still one of its weakest links 2026-01-22 at 07:23 By Anamarija Pogorelec Attackers continue to rely on domain names as an entry point into enterprise systems. A CSC domain security study finds that large organizations leave this part of their attack surface underprotected, even as attacks become more frequent.

The internet’s oldest trust mechanism is still one of its weakest links Read More »

Scroll to Top