News

A new framework helps banks sort urgent post-quantum crypto work from the rest

CISO, Encryption, EU, Europe, Europol, finance, financial industry, News, Post-Quantum, quantum computing, Risk Management, strategy, tips /

A new framework helps banks sort urgent post-quantum crypto work from the rest 2026-01-22 at 04:57 By Sinisa Markovic Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out a scoring framework that helps banks rank systems and business use cases […]

A new framework helps banks sort urgent post-quantum crypto work from the rest Read More »

macOS Tahoe improves privacy and communication safety

apple, cybersecurity, macOS, News, Privacy /

macOS Tahoe improves privacy and communication safety 2026-01-22 at 03:41 By Anamarija Pogorelec macOS Tahoe privacy and security features focus on screening unwanted contact, limiting tracking, and keeping more decisions on the device. Most updates run quietly in the background and require little setup. Built-in filtering for calls and messages Apple reduced exposure to social

macOS Tahoe improves privacy and communication safety Read More »

Microsoft updates the security baseline for Microsoft 365 Apps for enterprise

Microsoft, Microsoft 365, News, security update /

Microsoft updates the security baseline for Microsoft 365 Apps for enterprise 2026-01-22 at 01:13 By Anamarija Pogorelec Microsoft has published version 2512 of its security baseline for Microsoft 365 Apps for enterprise. The baseline documents recommended policy settings for Office applications used in enterprise environments and maps those settings to current management tools. What the

Microsoft updates the security baseline for Microsoft 365 Apps for enterprise Read More »

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?

Arctic Wolf Networks, Don't miss, firewall, Fortinet, FortiOS, Hot stuff, Huntress, News, privileged accounts, SSO, vulnerability /

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

Cisco, communication, Don't miss, enterprise, Hot stuff, News, security update, vulnerability /

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) 2026-01-21 at 20:57 By Zeljka Zorz Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory. About CVE-2026-20045 CVE-2026-20045 is

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) Read More »

EU tightens cybersecurity rules for tech supply chains

cyber resilience, ENISA, EU, Europe, European Commission, framework, Government, News /

EU tightens cybersecurity rules for tech supply chains 2026-01-21 at 17:24 By Anamarija Pogorelec The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure ICT supply chains and ensure products reaching EU citizens are secure by design through a streamlined

EU tightens cybersecurity rules for tech supply chains Read More »

Rust package registry adds security tools and metrics to crates.io

GitLab, News, OpenSSF, rust, security update /

Rust package registry adds security tools and metrics to crates.io 2026-01-21 at 15:23 By Anamarija Pogorelec The Rust project updated crates.io to include a Security tab on individual crate pages. The tab shows security advisories drawn from the RustSec database and lists which versions of a crate may have known issues. This change gives developers

Rust package registry adds security tools and metrics to crates.io Read More »

OpenAI adds age prediction to ChatGPT to strengthen teen safety

ChatGPT, Data Protection, News, OpenAI /

OpenAI adds age prediction to ChatGPT to strengthen teen safety 2026-01-21 at 15:05 By Sinisa Markovic OpenAI is rolling out age prediction on ChatGPT consumer plans to help determine whether an account likely belongs to someone under 18. Age prediction builds on protections already in place. ChatGPT relies on an age prediction model that evaluates

OpenAI adds age prediction to ChatGPT to strengthen teen safety Read More »

RansomHub claims alleged breach of Apple partner Luxshare

apple, data breach, Don't miss, extortion, Hot stuff, Intel, News, NVIDIA, Qualcomm, Samsung /

RansomHub claims alleged breach of Apple partner Luxshare 2026-01-21 at 14:34 By Zeljka Zorz Chinese electronic manufacturer and Apple partner Luxshare Precision Industry has allegedly been breached by affiliates of the RansomHub ransomware-as-a-service outfit. Luxshare is one of the primary assemblers of Apple’s wireless earbuds, iPhones, and Vision Pro devices, as well as a producer

RansomHub claims alleged breach of Apple partner Luxshare Read More »

Linux users targeted by crypto thieves via hijacked apps on Snap Store

Canonical, Cryptocurrency, digital wallet, Don't miss, Hot stuff, Linux, Malware, malware detection, News, Snap Store, software protection /

Linux users targeted by crypto thieves via hijacked apps on Snap Store 2026-01-21 at 12:17 By Zeljka Zorz Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned. SnapScope web app identifies malicious snaps (Source:

Linux users targeted by crypto thieves via hijacked apps on Snap Store Read More »

Pro-Russian hacktivist campaigns continue against UK organizations

cyberattacks, cybersecurity, DDoS, Don't miss, Europe, Hacktivism, National Cyber Security Centre, News, Orange Cyberdefense, Russian Federation, UK /

Pro-Russian hacktivist campaigns continue against UK organizations 2026-01-21 at 12:00 By Sinisa Markovic The UK’s National Cyber Security Centre reports ongoing cyber operations by Russian-aligned hacktivist groups targeting organizations in the UK and abroad. NoName057(16) remains active In December 2025, the NCSC co signed an advisory warning that pro-Russian hacktivist groups were conducting cyber operations

Pro-Russian hacktivist campaigns continue against UK organizations Read More »

Cybercriminals speak the language young people trust

cybercrime, cybersecurity, Don't miss, News /

Cybercriminals speak the language young people trust 2026-01-21 at 08:30 By Sinisa Markovic Criminal groups actively recruit, train, and retain people in structured ways. They move fast, pay in crypto, and place no weight on age. Young people are dealing with a new kind of addiction. It isn’t drugs, alcohol, or gambling. It’s screens. Constant

Cybercriminals speak the language young people trust Read More »

Bandit: Open-source tool designed to find security issues in Python code

code analysis, cybersecurity, DevSecOps, Don't miss, GitHub, News, open source, Python, scanning, software /

Bandit: Open-source tool designed to find security issues in Python code 2026-01-21 at 08:04 By Sinisa Markovic Bandit is an open-source tool that scans Python source code for security issues that show up in everyday development. Many security teams and developers use it as a quick way to spot risky coding patterns early in the

Bandit: Open-source tool designed to find security issues in Python code Read More »

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, penetration testing, PlexTrac, remediation, vulnerability management /

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever 2026-01-21 at 07:34 By Help Net Security Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is how findings are handled after the testing concludes. The method of reporting,

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever Read More »

Security leaders push for continuous controls as audits stay manual

Artificial Intelligence, automation, Compliance, cybersecurity, framework, monitoring, News, RegScale, report /

Security leaders push for continuous controls as audits stay manual 2026-01-21 at 07:03 By Anamarija Pogorelec Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap remains and where organizations are directing time, staff, and budget to manage

Security leaders push for continuous controls as audits stay manual Read More »

Initial access broker pleads guilty to selling access to 50 corporate networks

CloudSEK, court, cybercrime, cybercriminals, Don't miss, FBI, Hot stuff, initial access broker, News /

Initial access broker pleads guilty to selling access to 50 corporate networks 2026-01-20 at 15:43 By Zeljka Zorz A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty

Initial access broker pleads guilty to selling access to 50 corporate networks Read More »

Let’s Encrypt rolls out 6-day and IP-based certificates

News /

Let’s Encrypt rolls out 6-day and IP-based certificates 2026-01-20 at 12:25 By Anamarija Pogorelec Let’s Encrypt says its short-lived TLS certificates with a 6-day lifetime are now generally available. Each certificate is valid for 160 hours from the time it is issued. To request one, operators must select the “shortlived” profile in their ACME client.

Let’s Encrypt rolls out 6-day and IP-based certificates Read More »

Confusion and fear send people to Reddit for cybersecurity advice

Don't miss, Europol, Features, Google, Hot stuff, Incogni, Malwarebytes, News, Privacy, research, scams /

Confusion and fear send people to Reddit for cybersecurity advice 2026-01-20 at 09:00 By Sinisa Markovic A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these moments hit, many people do the same thing. They

Confusion and fear send people to Reddit for cybersecurity advice Read More »

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers

cybersecurity, Don't miss, iOS, iPhone, News, Privacy, Product showcase, software /

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers 2026-01-20 at 08:06 By Anamarija Pogorelec Every interaction online, from signing up for a newsletter to making a purchase, leaves a trace. These traces are collected by data brokers and resold to advertisers, analytics firms, or, in some cases, criminals

Product showcase: PrivacyHawk for iOS helps users track and remove personal data from data brokers Read More »

Privacy teams feel the strain as AI, breaches, and budgets collide

Artificial Intelligence, boardroom, Compliance, cybersecurity, ISACA, News, Privacy, report /

Privacy teams feel the strain as AI, breaches, and budgets collide 2026-01-20 at 07:31 By Anamarija Pogorelec Privacy programs are under strain as organizations manage breach risk, new technology, and limited resources. A global study from ISACA shows that AI is gaining ground in privacy work, with use shaped by governance, funding, and how consistently

Privacy teams feel the strain as AI, breaches, and budgets collide Read More »

Scroll to Top