News

Where security, DevOps, and data science finally meet on AI strategy

Artificial Intelligence, Densify, DevOps, Don't miss, Features, hardware, Kubernetes, News, opinion, strategy, tips /

Where security, DevOps, and data science finally meet on AI strategy 2025-08-28 at 08:34 By Mirko Zorz AI infrastructure is expensive, complex, and often caught between competing priorities. On one side, security teams want strong isolation and boundaries. On the other, engineers push for performance, density, and cost savings. With GPUs in short supply and […]

Where security, DevOps, and data science finally meet on AI strategy Read More »

Maritime cybersecurity is the iceberg no one sees coming

critical infrastructure, Curity, cybersecurity, maritime industry, NATO, News, threats /

Maritime cybersecurity is the iceberg no one sees coming 2025-08-28 at 08:01 By Sinisa Markovic Maritime transport, the backbone of global trade, is adapting to shifting economic, political, and technological conditions. Advances in technology have improved efficiency, bringing innovations such as remote cargo monitoring, advanced energy management systems, and automation of various onboard operations. But

Maritime cybersecurity is the iceberg no one sees coming Read More »

Can AI make threat intelligence easier? One platform thinks so

analytics, automation, CISO, cybersecurity, data collection, Don't miss, GreyNoise, News, Threat Intelligence /

Can AI make threat intelligence easier? One platform thinks so 2025-08-28 at 07:38 By Mirko Zorz When analysts at RH-ISAC found themselves spending 10 hours a week just collecting threat intelligence, they knew their process wasn’t sustainable. They were manually tracking blogs, RSS feeds, and social media channels, but it took too long to separate

Can AI make threat intelligence easier? One platform thinks so Read More »

How CISOs are balancing risk, pressure and board expectations

Artificial Intelligence, CISO, cyber risk, cybersecurity, generative AI, Insider Threat, News, Proofpoint, report /

How CISOs are balancing risk, pressure and board expectations 2025-08-28 at 07:05 By Sinisa Markovic AI has moved to the top of the CISO agenda. Three in five CISOs see generative AI as a security risk, with many worried about sensitive data leaking through public tools. At the same time, most organizations are not blocking

How CISOs are balancing risk, pressure and board expectations Read More »

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

AppOmni, cloud security, credentials, data theft, Don't miss, Google, Hot stuff, News, OAuth, Salesforce, third party compromise /

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius 2025-08-27 at 17:47 By Zeljka Zorz A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius Read More »

AI is becoming a core tool in cybercrime, Anthropic warns

Anthropic, Artificial Intelligence, cybercrime, cybersecurity, News, report, Threat Intelligence /

AI is becoming a core tool in cybercrime, Anthropic warns 2025-08-27 at 17:32 By Anamarija Pogorelec A new report from Anthropic shows how criminals are using AI to actively run parts of their operations. The findings suggest that AI is now embedded across the full attack cycle, from reconnaissance and malware development to fraud and

AI is becoming a core tool in cybercrime, Anthropic warns Read More »

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Don't miss, Hot stuff, News, Plex Media Server, security update, streaming device, vulnerability /

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 2025-08-27 at 14:29 By Zeljka Zorz Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server (PMS) is

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Read More »

AI Security Map: Linking AI vulnerabilities to real-world impact

AppOmni, Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, Vectra AI /

AI Security Map: Linking AI vulnerabilities to real-world impact 2025-08-27 at 09:40 By Mirko Zorz A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI

AI Security Map: Linking AI vulnerabilities to real-world impact Read More »

How compliance teams can turn AI risk into opportunity

Artificial Intelligence, CISO, Compliance, cybersecurity, Don't miss, Drata, Features, Hot stuff, News, opinion, regulation, strategy /

How compliance teams can turn AI risk into opportunity 2025-08-27 at 08:52 By Mirko Zorz AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. In this Help Net Security video, Matt Hillary, CISO at Drata, look at

How compliance teams can turn AI risk into opportunity Read More »

Hottest cybersecurity open-source tools of the month: August 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: August 2025 2025-08-27 at 08:02 By Sinisa Markovic This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches vulnerabilities Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source

Hottest cybersecurity open-source tools of the month: August 2025 Read More »

What CISOs can learn from Doppel’s new AI-driven social engineering simulation

Artificial Intelligence, automation, CISO, cybersecurity, Don't miss, Doppel, legacy technology, News, phishing, social engineering /

What CISOs can learn from Doppel’s new AI-driven social engineering simulation 2025-08-27 at 07:51 By Sinisa Markovic Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps,

What CISOs can learn from Doppel’s new AI-driven social engineering simulation Read More »

Social media apps that aggressively harvest user data

data security, Don't miss, Incogni, News, Privacy, report, survey /

Social media apps that aggressively harvest user data 2025-08-27 at 07:10 By Sinisa Markovic Both domestic and foreign technology companies collect vast amounts of Americans’ personal data through mobile applications, according to Incogni. Some apps leverage data for marketing and advertising purposes, feeding algorithms to calculate optimal prices based on consumer behavior, often leading to

Social media apps that aggressively harvest user data Read More »

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

0-day, backdoor, Citrix, Don't miss, Hot stuff, NetScaler, News, web shell /

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) 2025-08-26 at 16:35 By Zeljka Zorz Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) Read More »

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CISA, Don't miss, Git, Hot stuff, News, PoC, software development, vulnerability /

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) 2025-08-26 at 13:47 By Zeljka Zorz CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infrastructure Security

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) Read More »

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO

CISO, critical infrastructure, cyber risk, cybersecurity, Don't miss, embedded systems, Features, Hot stuff, News, opinion, Risk Management, strategy /

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO 2025-08-26 at 09:24 By Mirko Zorz Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending against advanced persistent threats, protecting the agricultural supply chain requires a layered, collaborative approach.

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO Read More »

The energy sector has no time to wait for the next cyberattack

critical infrastructure, cybersecurity, Delinea, ENCS, energy sector, FBI, News, SecurityScorecard, SixMap, strategy, threat, Trustwave /

The energy sector has no time to wait for the next cyberattack 2025-08-26 at 08:57 By Sinisa Markovic The energy sector remains a major target for cybercriminals. Beyond disrupting daily routines, a power outage can undermine economic stability and public safety. Rising demand for electricity, fueled by technology and digital growth, only adds to the

The energy sector has no time to wait for the next cyberattack Read More »

LLMs at the edge: Rethinking how IoT devices talk and act

Artificial Intelligence, Don't miss, Features, Hot stuff, IEEE, Internet of Things, LLMs, networking, News, research, smart home, Sumo Logic /

LLMs at the edge: Rethinking how IoT devices talk and act 2025-08-26 at 08:01 By Mirko Zorz Anyone who has set up a smart home knows the routine: one app to dim the lights, another to adjust the thermostat, and a voice assistant that only understands exact phrasing. These systems call themselves smart, but in

LLMs at the edge: Rethinking how IoT devices talk and act Read More »

How to build a secure AI culture without shutting people down

Artificial Intelligence, cybersecurity, Don't miss, News, security awareness, security culture, Security Journey, strategy, tips, Video /

How to build a secure AI culture without shutting people down 2025-08-26 at 07:32 By Help Net Security In this Help Net Security video, Michael Burch, Director of Application Security at Security Journey, explains how organizations can build a secure AI culture. He highlights the risks of banning AI outright, the dangers of shadow AI,

How to build a secure AI culture without shutting people down Read More »

Cybersecurity jobs available right now: August 26, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: August 26, 2025 2025-08-26 at 07:18 By Sinisa Markovic Sr. Cybersecurity Analyst Aecon Group Inc. | USA | On-site – View job details As a Sr. Cybersecurity Analyst, you will lead cybersecurity and compliance efforts within construction operations, particularly those involving federal contracts and infrastructure projects. Senior Manager, Technology Operations

Cybersecurity jobs available right now: August 26, 2025 Read More »

ScreenConnect admins targeted with spoofed login alerts

Don't miss, Hot stuff, MFA, Mimecast, MITM, MSP, News, Sophos, spear-phishing /

ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have

ScreenConnect admins targeted with spoofed login alerts Read More »

Scroll to Top