LLMs are automating the human part of romance scams 2025-12-29 at 09:03 By Sinisa Markovic Romance scams succeed because they feel human. New research shows that feeling no longer requires a person on the other side of the chat. The three stages of a romance-baiting scam Romance scams depend on scripted conversation Romance baiting scams […]
LLMs are automating the human part of romance scams Read More »
Superagent: Open-source framework for guardrails around agentic AI 2025-12-29 at 09:03 By Sinisa Markovic Superagent is an open-source framework for building, running, and controlling AI agents with safety built into the workflow. The project focuses on giving developers and security teams tools to manage what agents can do, what they can access, and how they
Superagent: Open-source framework for guardrails around agentic AI Read More »
CISOs are managing risk in survival mode 2025-12-29 at 08:08 By Anamarija Pogorelec CISOs carry expanding responsibility as cybersecurity budgets rise, AI adoption spreads, and board expectations grow. Risk management now depends on faster decisions, stronger coordination, and better communication across leadership teams. This article shows how CISOs are responding to growing pressure, ongoing threats,
CISOs are managing risk in survival mode Read More »
Automation forces a reset in security strategy 2025-12-29 at 08:08 By Anamarija Pogorelec Enterprise security teams are working under the assumption that disruption is constant. A global study by Trellix shows that resilience has moved from a long term goal to a structural requirement for CISOs. Infrastructure design, operational integration, and the use of AI
Automation forces a reset in security strategy Read More »
Security chaos engineering matters when nothing is broken 2025-12-29 at 08:00 By Help Net Security In this Help Net Security video, Brian Blakley, CISO at Bellini Capital, explains why security chaos engineering matters beyond theory. He shares lessons from real organizations where systems did not fail outright, but uncertainty slowed the business. Login delays, certificate
Security chaos engineering matters when nothing is broken Read More »
Week in review: WatchGuard Firebox firewalls attacked, infosec enthusiasts targeted with fake PoCs 2025-12-28 at 11:41 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building cyber talent through competition, residency, and real-world immersion In this Help Net Security interview, Chrisma Jackson, Director of Cybersecurity
LLMs can assist with vulnerability scoring, but context still matters 2025-12-26 at 08:26 By Sinisa Markovic Every new vulnerability disclosure adds another decision point for already stretched security teams. A recent study explores whether LLMs can take on part of that burden by scoring vulnerabilities at scale. While the results show promise in specific areas,
LLMs can assist with vulnerability scoring, but context still matters Read More »
From AI to cyber risk, why IT leaders are anxious heading into 2026 2025-12-26 at 07:35 By Sinisa Markovic Cybersecurity threats are shaping IT planning for 2026, with AI maturity and regulation emerging as another major source of disruption, according to a global survey from Veeam. Veeam surveyed 250 senior IT and business decision-makers worldwide
From AI to cyber risk, why IT leaders are anxious heading into 2026 Read More »
The next big IT security battle is all about privileged access 2025-12-26 at 07:01 By Help Net Security Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in 2026 driven by new realities of cybersecurity, hybridization, AI, and more. Passwordless moves from pilot to production In 2026, passwordless authentication will
The next big IT security battle is all about privileged access Read More »
Five identity-driven shifts reshaping enterprise security in 2026 2025-12-24 at 11:18 By Help Net Security 2026 marks the tipping point when artificial intelligence begins to fundamentally reshape cyber risk. After several years of widespread adoption, AI moves beyond influencing how we work and starts transforming the enterprise itself. AI is now embedded at every layer
Five identity-driven shifts reshaping enterprise security in 2026 Read More »
What if your face could say “don’t record me”? Researchers think it’s possible 2025-12-24 at 10:01 By Sinisa Markovic Phones, smart glasses, and other camera-equipped devices capture scenes that include people who never agreed to be recorded. A newly published study examines what it would take for bystanders to signal their privacy choices directly to
What if your face could say “don’t record me”? Researchers think it’s possible Read More »
Conjur: Open-source secrets management and application identity 2025-12-24 at 08:34 By Sinisa Markovic Conjur is an open-source secrets management project designed for environments built around containers, automation, and dynamic infrastructure. It focuses on controlling access to credentials such as database passwords, API keys, and tokens that applications need at runtime. The project is maintained in
Conjur: Open-source secrets management and application identity Read More »
Governance maturity defines enterprise AI confidence 2025-12-24 at 08:17 By Anamarija Pogorelec AI security has reached a point where enthusiasm alone no longer carries organizations forward. New Cloud Security Alliance research shows that governance has become the main factor separating teams that feel prepared from those that do not. Governance separates confidence from uncertainty Governance
Governance maturity defines enterprise AI confidence Read More »
Counterfeit defenses built on paper have blind spots 2025-12-24 at 08:17 By Anamarija Pogorelec Counterfeit protection often leans on the idea that physical materials have quirks no attacker can copy. A new study challenges that comfort by showing how systems built on paper surface fingerprints can be disrupted or bypassed. The research comes from teams
Counterfeit defenses built on paper have blind spots Read More »
Elementary OS 8.1 rolls out with a stronger focus on system security 2025-12-24 at 08:17 By Anamarija Pogorelec Elementary OS 8.1 is now available for download and shipping on select hardware from retailers such as Star Labs, Slimbook, and Laptop with Linux. The update arrives after more than a year of refinements based on community
Elementary OS 8.1 rolls out with a stronger focus on system security Read More »
What happens to enterprise data when GenAI shows up everywhere 2025-12-24 at 08:17 By Anamarija Pogorelec Generative AI is spreading across enterprise workflows, shaping how employees create, share, and move information between systems. Security teams are working to understand where data ends up, who can access it, and how its use reshapes security assumptions. This
What happens to enterprise data when GenAI shows up everywhere Read More »
Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits 2025-12-23 at 14:47 By Zeljka Zorz Malware peddlers are targeting infosec enthusiasts, budding security professionals, and aspiring hackers with the Webrat malware, masquerading the threat as proof-of-concept (PoC) exploits for known vulnerabilities. Delivering the malware The recently uncovered Webrat can steal data from
Budding infosec pros and aspiring cyber crooks targeted with fake PoC exploits Read More »
Formal proofs expose long standing cracks in DNSSEC 2025-12-23 at 09:41 By Sinisa Markovic DNSSEC is meant to stop attackers from tampering with DNS answers. It signs records so resolvers can verify that data is authentic and unchanged. Many security teams assume that if DNSSEC validation passes, the answer can be trusted. New academic research
Formal proofs expose long standing cracks in DNSSEC Read More »
Weak enforcement keeps PCI DSS compliance low 2025-12-23 at 09:41 By Sinisa Markovic Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that PCI DSS compliance trails behind HIPAA, GDPR, and the EU’s NIS2 Directive. A compliance gap that
Weak enforcement keeps PCI DSS compliance low Read More »
Cloud security is stuck in slow motion 2025-12-23 at 08:23 By Anamarija Pogorelec Cloud environments are moving faster than the systems meant to protect them. A new Palo Alto Networks study shows security teams struggling to keep up with development cycles, growing cloud sprawl, and attacker tactics that now compress breaches into minutes instead of
Cloud security is stuck in slow motion Read More »