News

New ClamAV security patch closes seven scanner bugs dating back two decades

New ClamAV security patch closes seven scanner bugs dating back two decades 2026-07-06 at 01:30 By Sinisa Markovic Open source antivirus scanning sits inside mail gateways, file upload checks, and endpoint tooling at organizations of every size. Much of that work runs through ClamAV, the scanning engine maintained by Cisco’s Talos group. The project released […]

New ClamAV security patch closes seven scanner bugs dating back two decades Read More »

Week in review: SimpleHelp vulnerability exploited, Oracle EBS Payments flaw under attack

Week in review: SimpleHelp vulnerability exploited, Oracle EBS Payments flaw under attack 2026-07-05 at 08:10 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Companies keep bolting AI onto their products, and the security bill is coming due Companies keep bolting AI and LLM features

Week in review: SimpleHelp vulnerability exploited, Oracle EBS Payments flaw under attack Read More »

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting 2026-07-03 at 18:10 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting. The post In Other News: Canadian Hacker

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting Read More »

Non-interactive SSH attacks dominate after login

Non-interactive SSH attacks dominate after login 2026-07-03 at 08:30 By Sinisa Markovic Anyone who runs a server with SSH exposed to the internet sees the same pattern in the logs. A steady stream of automated scanners tries to log in, hour after hour, from addresses all over the world. The common picture of what comes

Non-interactive SSH attacks dominate after login Read More »

Geopolitical cyber threats are turning HR into a security front line

Geopolitical cyber threats are turning HR into a security front line 2026-07-03 at 08:00 By Help Net Security In this Help Net Security video, Roman Sannikov, Global Research Coordinator at iCOUNTER, explains why geopolitics belongs in every security team’s threat model. With open and simmering conflicts around the world, attacks can come from actors that

Geopolitical cyber threats are turning HR into a security front line Read More »

Organizations struggle to prioritize known cyber risks

Organizations struggle to prioritize known cyber risks 2026-07-03 at 07:30 By Anamarija Pogorelec Organizations collect more cyber risk data than ever, with many still struggling to build a unified view of their exposure. The latest State of Threat Management report from Filigran found that security teams continue to work across disconnected tools, leaving important context

Organizations struggle to prioritize known cyber risks Read More »

New infosec products of the week: July 3, 2026

New infosec products of the week: July 3, 2026 2026-07-03 at 07:00 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Digi International, iboss, Jamf, and Netzilo. Digi International’s DANI automates network diagnostics and device management Digi International has announced the launch of DANI, the Digi

New infosec products of the week: July 3, 2026 Read More »

Scattered Spider suspect extradited over $8 million ransom scheme

Scattered Spider suspect extradited over $8 million ransom scheme 2026-07-02 at 16:43 By Anamarija Pogorelec A suspected Scattered Spider member has been extradited to the United States to face charges linked to cyberattacks against U.S. companies, including the breach of a luxury jewelry retailer that led to an $8 million cryptocurrency ransom demand after attackers

Scattered Spider suspect extradited over $8 million ransom scheme Read More »

Cloudflare changes AI crawler access rules

Cloudflare changes AI crawler access rules 2026-07-02 at 15:21 By Anamarija Pogorelec Cloudflare introduced new controls that let website owners manage AI traffic across three categories: Search, Agent, and Training. The feature is available to all Cloudflare customers, including those on the Free plan, and gives website owners more control over how different types of

Cloudflare changes AI crawler access rules Read More »

The endpoint recovery gap many teams discover during an incident

The endpoint recovery gap many teams discover during an incident 2026-07-02 at 09:00 By Mirko Zorz In this interview with Help Net Security, IGEL CTO Matthias Haas explains why backups alone do not equal recovery. He makes the case that endpoint recovery is often overlooked, leaving organizations exposed when thousands of devices go down at

The endpoint recovery gap many teams discover during an incident Read More »

Catching ransomware on the wire before it locks the file server

Catching ransomware on the wire before it locks the file server 2026-07-02 at 08:00 By Sinisa Markovic Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arrangement hands ransomware operators a target worth chasing. A single compromised laptop can begin encrypting files

Catching ransomware on the wire before it locks the file server Read More »

What the AI patch gap means for enterprise security

What the AI patch gap means for enterprise security 2026-07-02 at 07:30 By Sinisa Markovic Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine speed. Over roughly two months this spring, Anthropic’s Claude Mythos Preview combed through more than

What the AI patch gap means for enterprise security Read More »

GitHub’s new tool helps prevent costly open-source license violations

GitHub’s new tool helps prevent costly open-source license violations 2026-07-02 at 07:00 By Anamarija Pogorelec GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and identify dependencies whose licenses require review. The feature is available to GitHub Advanced Security customers and

GitHub’s new tool helps prevent costly open-source license violations Read More »

The ARToken phishing panel targets Microsoft 365 accounts

The ARToken phishing panel targets Microsoft 365 accounts 2026-07-01 at 13:00 By Sinisa Markovic Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in April 2026, addressed to the person who handles payments and written in the voice

The ARToken phishing panel targets Microsoft 365 accounts Read More »

Claude Sonnet 5 includes safeguards against dangerous cyber use

Claude Sonnet 5 includes safeguards against dangerous cyber use 2026-07-01 at 11:45 By Anamarija Pogorelec Anthropic has introduced Claude Sonnet 5, the latest version of its general-purpose AI model, with improved reasoning, coding, tool use, and knowledge work capabilities. The model can make plans, use tools such as browsers and terminals, and complete tasks autonomously.

Claude Sonnet 5 includes safeguards against dangerous cyber use Read More »

What a financial planner taught me about cybersecurity

What a financial planner taught me about cybersecurity 2026-07-01 at 09:30 By Help Net Security When I spoke at a recent cybersecurity awareness event for financial planners and tax advisors, the audience really engaged with the subject. As happens at conferences the world over, people often come up to speakers to ask follow-up questions, or

What a financial planner taught me about cybersecurity Read More »

Nika: Open-source code analysis tool

Nika: Open-source code analysis tool 2026-07-01 at 09:00 By Mirko Zorz Many serious security bugs in web applications sit across several files at once. Request data enters through a controller, moves through data objects and service layers, and turns dangerous only when it reaches a sensitive operation such as a database query or a file

Nika: Open-source code analysis tool Read More »

This supercomputer encrypts your data even while it’s running it

This supercomputer encrypts your data even while it’s running it 2026-07-01 at 08:30 By Sinisa Markovic Most people who handle sensitive data already encrypt it in two places. They lock it down when it sits on a hard drive, and they lock it down when it moves across a network. There has always been a

This supercomputer encrypts your data even while it’s running it Read More »

AI-generated code risks reach security, legal, and compliance teams

AI-generated code risks reach security, legal, and compliance teams 2026-07-01 at 08:00 By Mirko Zorz Most engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found that nearly half run AI-generated code in production. Almost every company in

AI-generated code risks reach security, legal, and compliance teams Read More »

Scroll to Top