News

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check

ChatGPT, McAfee, News, OpenAI, Product showcase, scams /

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check 2026-05-18 at 08:02 By Anamarija Pogorelec McAfee + ChatGPT integration brings real-time scam detection in conversations and gives users an easier way to verify suspicious content before clicking or responding. It is available to anyone, without requiring a McAfee or ChatGPT subscription. It […]

Product showcase: McAfee + ChatGPT integration turns doubt into a scam check Read More »

When ransomware hits, confidence doesn’t restore endpoints

Absolute Security, boardroom, CISO, Endpoint Security, News, Ransomware, resilience, UK, USA /

When ransomware hits, confidence doesn’t restore endpoints 2026-05-18 at 07:03 By Anamarija Pogorelec Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security. How CISOs currently ensure endpoint resilience against ransomware (overall, %) (Source: Absolute

When ransomware hits, confidence doesn’t restore endpoints Read More »

Debian 13.5 point release lands with security fixes, bug patches

Debian, Linux, News, operating system, security update /

Debian 13.5 point release lands with security fixes, bug patches 2026-05-18 at 01:03 By Anamarija Pogorelec Debian 13.5 is the fifth point release for the stable distribution “trixie.” The update folds in roughly 100 Debian Security Advisories and corrections for more than 130 source packages, covering everything from the Linux kernel and Apache HTTP Server

Debian 13.5 point release lands with security fixes, bug patches Read More »

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited

News, Week in review /

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited 2026-05-17 at 14:40 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: Foundations of Cybersecurity, 2nd edition Jason Andress has refreshed his introductory security text for No Starch Press. He writes

Week in review: Cisco patches SD-WAN 0-day, unpatched Microsoft Exchange Server flaw exploited Read More »

Google lets Workspace admins apply one policy across all SAML apps

Google, Google Workspace, News, SSO, update /

Google lets Workspace admins apply one policy across all SAML apps 2026-05-15 at 16:07 By Sinisa Markovic Google has updated Context-Aware Access (CAA) in Google Workspace to introduce a default policy assignment for SAML applications. SAML applications are third-party or internal applications that use the Security Assertion Markup Language (SAML) protocol to enable single sign-on

Google lets Workspace admins apply one policy across all SAML apps Read More »

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)

0-day, APT, Cisco, Don't miss, Hot stuff, News, Rapid7, SD-WAN /

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) 2026-05-15 at 16:07 By Zeljka Zorz Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco

Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) Read More »

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)

Don't miss, Hot stuff, Microsoft, Microsoft Exchange, News, vulnerability /

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) 2026-05-15 at 14:32 By Zeljka Zorz A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent fix is still in the works. In the meantime, Microsoft provided temporary mitigations. About CVE-2026-42897 CVE-2026-42897 affects on-premises versions of

Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897) Read More »

Thieves unlock stolen iPhones using cheap tools sold on Telegram

apple, cybercrime, Infoblox, iPhone, News, social engineering, Telegram /

Thieves unlock stolen iPhones using cheap tools sold on Telegram 2026-05-15 at 14:32 By Sinisa Markovic Helping a friend recover a stolen phone, Infoblox researchers uncovered a thriving Telegram-based underground marketplace selling unlocking tools and phishing infrastructure used to monetize stolen iPhones. Activation Lock can remotely disable a stolen iPhone and prevent normal resale, with

Thieves unlock stolen iPhones using cheap tools sold on Telegram Read More »

Rocky Linux launches opt-in security repository for urgent fixes

cybersecurity, Linux, News, operating system /

Rocky Linux launches opt-in security repository for urgent fixes 2026-05-15 at 14:32 By Sinisa Markovic Rocky Linux has introduced a Security Repository that allows the distribution to ship urgent security fixes ahead of upstream Enterprise Linux when public exploit code exists and upstream patches are unavailable. “The repository is disabled by default. That’s intentional. The

Rocky Linux launches opt-in security repository for urgent fixes Read More »

Deepfake detection is losing ground to generative models

cybersecurity, deepfakes, Don't miss, News, research /

Deepfake detection is losing ground to generative models 2026-05-15 at 09:04 By Sinisa Markovic Deepfake detection has been built around a single question for close to a decade. Given a video or audio clip, is it real or synthetic? Commercial detectors analyze pixels, frequencies, and biometric signals to answer that question, and the best of

Deepfake detection is losing ground to generative models Read More »

Zombie linkages are keeping expired domains trusted for years

certificates, DNS, domain information, News, research /

Zombie linkages are keeping expired domains trusted for years 2026-05-15 at 08:24 By Sinisa Markovic Domains expire, get transferred, and return to the market every day. The systems connected to those domains can continue trusting the original owner long after control has changed. Researchers at USC and the University of Twente examined this problem in

Zombie linkages are keeping expired domains trusted for years Read More »

The AI oversight paradox: Is the investment worth the cost of watching it?

AI, investment, News, report, security ROI /

The AI oversight paradox: Is the investment worth the cost of watching it? 2026-05-15 at 07:30 By Anamarija Pogorelec Unlike in 2025, when AI adoption and testing drove business strategies, organizations in 2026 want proven ROI before committing budgets, according to a report by Globalization Partners. How global executives characterize their organization’s approach to AI

The AI oversight paradox: Is the investment worth the cost of watching it? Read More »

New infosec products of the week: May 15, 2026

Alation, Apricorn, News, Versa Networks /

New infosec products of the week: May 15, 2026 2026-05-15 at 07:00 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week Alation, Apricorn, Versa Networks, and TrustCloud. The questionnaire-based TPRM model is broken, and TrustCloud has a fix TrustCloud announced a new version of TrustLens, its third party risk

New infosec products of the week: May 15, 2026 Read More »

Microsoft turns Copilot Studio into an AI agent control center

agentic AI, AI, automation, Microsoft, News /

Microsoft turns Copilot Studio into an AI agent control center 2026-05-14 at 18:25 By Anamarija Pogorelec The Microsoft Copilot Studio April 2026 updates improve visibility and governance for admins and expand workflow capabilities for managing agents. Copilot surfaces agent status in the authoring experience, giving admins insight into each agent’s security and protection posture. Customers

Microsoft turns Copilot Studio into an AI agent control center Read More »

Microsoft’s WinUI agent plugin trims token use by over 70% during development

Claude Code, GitHub, Microsoft, News, programming, software development, Windows /

Microsoft’s WinUI agent plugin trims token use by over 70% during development 2026-05-14 at 18:25 By Sinisa Markovic Microsoft published a plugin on May 13 that lets GitHub Copilot CLI and Claude Code drive the full WinUI 3 development cycle, from project scaffolding through signed MSIX packaging. The WinUI agent plugin ships one agent, eight

Microsoft’s WinUI agent plugin trims token use by over 70% during development Read More »

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)

containers, Don't miss, exploit, Hot stuff, Linux, News, PoC, servers, vulnerability /

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) 2026-05-14 at 17:34 By Zeljka Zorz Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is in the same class of vulnerabilities as the recently disclosed Dirty Frag bug(s). Like

Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300) Read More »

AI cyber capability is speeding past earlier projections

AI, Anthropic, cybersecurity, enterprise, News, OpenAI /

AI cyber capability is speeding past earlier projections 2026-05-14 at 12:48 By Sinisa Markovic AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institute (AISI). AISI measures AI cyber capability using “time horizon benchmarks”, which estimate how long AI systems can complete cybersecurity

AI cyber capability is speeding past earlier projections Read More »

CERN’s open source KiCad library gives the world 17,000 circuit board components

hardware, News, open source /

CERN’s open source KiCad library gives the world 17,000 circuit board components 2026-05-14 at 11:16 By Sinisa Markovic CERN has released its complete KiCad component library under an open source license, making it available to hardware designers anywhere in the world. The library, maintained by CERN’s Design Office, contains more than 17,000 electronic components in

CERN’s open source KiCad library gives the world 17,000 circuit board components Read More »

Vector embedding security gap exposes enterprise AI pipelines

AI, cybersecurity, Data exfiltration, Don't miss, GitHub, Hot stuff, News, research /

Vector embedding security gap exposes enterprise AI pipelines 2026-05-14 at 08:30 By Mirko Zorz Enterprise adoption of retrieval-augmented generation has moved sensitive corporate content into a new storage format that existing security tools cannot inspect. Companies deploying internal AI assistants convert documents into high-dimensional numerical vectors and ship them to embedding services and vector databases

Vector embedding security gap exposes enterprise AI pipelines Read More »

Closing the AI governance gap in your enterprise

AI, CISO, cyber risk, cybersecurity, enterprise, News, strategy, tips, Video /

Closing the AI governance gap in your enterprise 2026-05-14 at 08:00 By Help Net Security In this Help Net Security video, Casey Bleeker, CEO at SurePath AI, talks about the AI governance gap that exists in almost every organization. Drawing from three years of conversations with IT, business, and security leaders, Casey explains why AI

Closing the AI governance gap in your enterprise Read More »

Scroll to Top