News

AI-generated code risks reach security, legal, and compliance teams

AI-generated code risks reach security, legal, and compliance teams 2026-07-01 at 08:00 By Mirko Zorz Most engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found that nearly half run AI-generated code in production. Almost every company in […]

AI-generated code risks reach security, legal, and compliance teams Read More »

Microsoft wants to stop unwanted bots from entering Teams meetings

Microsoft wants to stop unwanted bots from entering Teams meetings 2026-07-01 at 07:30 By Anamarija Pogorelec A new Microsoft Teams admin policy, Manage external bots and their access to meetings, gives organizations greater visibility and control over external bots in meetings. The policy identifies bots and applies safeguards before they are admitted. Microsoft will begin

Microsoft wants to stop unwanted bots from entering Teams meetings Read More »

Getting boards to fund ERM means speaking their currency

Getting boards to fund ERM means speaking their currency 2026-07-01 at 07:00 By Help Net Security In this Help Net Security video, Greg Young, VP Cybersecurity and Corporate Development at TrendAI, explains how to build Enterprise Risk Management that a board will pay for. Drawing on nearly four decades in cybersecurity, including time as a

Getting boards to fund ERM means speaking their currency Read More »

Proton’s pitch for Lumo 2.0: Frontier AI without the data grab

Proton’s pitch for Lumo 2.0: Frontier AI without the data grab 2026-07-01 at 01:15 By Anamarija Pogorelec Proton has unveiled Lumo 2.0, a major upgrade to its zero-access encrypted AI assistant. Built on a new architecture, the release brings the assistant closer to frontier AI models with new AI models, multimodal capabilities, Memory, improved web

Proton’s pitch for Lumo 2.0: Frontier AI without the data grab Read More »

Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)

Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817) 2026-06-30 at 16:58 By Zeljka Zorz Exploitation attempts targeting a critical vulnerability (CVE-2026-46817) in Oracle Payments, the payment-processing module within Oracle’s E-Business Suite (EBS), have been spotted over the weekend, threat intelligence company Defused warned on Monday. The detected exploitation attempts (Source: Defused) “On 27 June 2026

Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817) Read More »

SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)

SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558) 2026-06-30 at 13:25 By Zeljka Zorz Attackers are exploiting CVE-2026-48558, a recently patched authentication bypass vulnerability in SimpleHelp RMM, to drop the novel Djinn Stealer malware on victim computers. The malware is capable of targeting Windows, macOS, and Linux systems, and “collects credentials associated with cloud

SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558) Read More »

Kali Linux 2026.2 trims VM boot times, refreshes its desktops

Kali Linux 2026.2 trims VM boot times, refreshes its desktops 2026-06-30 at 11:16 By Sinisa Markovic Penetration testers who run Kali Linux inside virtual machines boot their systems faster after the 2026.2 release. The change comes from a decision about graphics firmware, the code that drives NVIDIA, AMD, and Intel GPUs. That firmware has grown

Kali Linux 2026.2 trims VM boot times, refreshes its desktops Read More »

OpenClaw for iOS: The viral open-source AI agent comes to iPhone and iPad

OpenClaw for iOS: The viral open-source AI agent comes to iPhone and iPad 2026-06-30 at 10:45 By Anamarija Pogorelec OpenClaw, a self-hosted personal AI assistant that connects to existing chat apps, is now available on iPhone, iPad and Apple Watch. The release brings chat, real-time voice conversations, approvals, device capabilities, and private automations to iOS.

OpenClaw for iOS: The viral open-source AI agent comes to iPhone and iPad Read More »

AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin

AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin 2026-06-30 at 09:15 By Mirko Zorz Phones and laptops ship with a feature that sends files to nearby devices over the air, with no cables, accounts, or prior pairing. Apple calls its version AirDrop. Google and Samsung call theirs Quick Share.

AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin Read More »

Product showcase: Scam calls, phishing, and data breaches? Meet AVG Mobile Security

Product showcase: Scam calls, phishing, and data breaches? Meet AVG Mobile Security 2026-06-30 at 08:45 By Anamarija Pogorelec AVG Mobile Security for iOS helps protect users against online threats with features including Web Guard, VPN, Scam Guardian Pro, Hack Alerts, and Photo Vault. It also identifies suspicious calls and scam text messages and helps keep

Product showcase: Scam calls, phishing, and data breaches? Meet AVG Mobile Security Read More »

Vulnerability reports are arriving faster than GitHub can review them

Vulnerability reports are arriving faster than GitHub can review them 2026-06-30 at 08:25 By Anamarija Pogorelec Across the open source world, people are reporting software flaws in record numbers, and the systems built to verify those reports are straining under the weight. The GitHub Advisory Database, which feeds automated security alerts to millions of projects,

Vulnerability reports are arriving faster than GitHub can review them Read More »

Hottest cybersecurity open-source tools of the month: June 2026

Hottest cybersecurity open-source tools of the month: June 2026 2026-06-30 at 08:00 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory AI

Hottest cybersecurity open-source tools of the month: June 2026 Read More »

JSP webshells being dropped on unpatched PTC Windchill instances

JSP webshells being dropped on unpatched PTC Windchill instances 2026-06-29 at 19:18 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability (CVE-2026-12569) in Windchill and FlexPLM, two product lifecycle management software platforms developed by PTC, to its Known Exploited Vulnerabilities (KEV) catalog. Entries in the KEV catalog don’t contain links

JSP webshells being dropped on unpatched PTC Windchill instances Read More »

Mozilla warns of indirect prompt injection risk in AI coding agents

Mozilla warns of indirect prompt injection risk in AI coding agents 2026-06-29 at 13:48 By Zeljka Zorz A malicious GitHub repository can silently compromise a developer’s machine without containing a single line of malicious code, security researchers at Mozilla’s Zero Day Investigative Network (0DIN) warned. The attack The proof-of-concept attack targets AI-powered coding agents such

Mozilla warns of indirect prompt injection risk in AI coding agents Read More »

DarkMoon: Open-source AI pentesting platform

DarkMoon: Open-source AI pentesting platform 2026-06-29 at 08:30 By Mirko Zorz Penetration testing has long run on expert time, with specialists spending days probing a network or web application by hand. Manual engagements stretch across weeks, expert consultants run into thousands of dollars a day, and results vary with the tester. Automation promises to narrow

DarkMoon: Open-source AI pentesting platform Read More »

Sycophantic chatbots and the harms that build over many chats

Sycophantic chatbots and the harms that build over many chats 2026-06-29 at 08:00 By Sinisa Markovic People use AI chatbots for company, advice, and emotional support, and these systems answer in ways meant to hold their attention. Researchers describe the resulting risks as affective safety, a class of harm that exists because humans are emotional

Sycophantic chatbots and the harms that build over many chats Read More »

Companies keep bolting AI onto their products, and the security bill is coming due

Companies keep bolting AI onto their products, and the security bill is coming due 2026-06-29 at 07:30 By Mirko Zorz Companies keep bolting AI and LLM features onto their products, and the security results are starting to show a pattern. The vulnerabilities those features create get rated high risk far more often than anything else,

Companies keep bolting AI onto their products, and the security bill is coming due Read More »

Most teams accept higher risk for faster AI database work

Most teams accept higher risk for faster AI database work 2026-06-29 at 07:00 By Anamarija Pogorelec Database professionals are using AI for everyday work like writing queries, building schemas, and reviewing code, and a growing share rely on autonomous tools that act on the database itself. The use of AI in database management has almost

Most teams accept higher risk for faster AI database work Read More »

Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited

Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited 2026-06-28 at 11:00 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Encrypted DNS still tells an eavesdropper where to look Encrypted DNS runs across much of the Internet. DNS over TLS,

Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited Read More »

Scroll to Top