German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached one of its IT service providers. In notices published on its support websites in Belgium and the Netherlands,…
Category: Help Net Security
EU and UK blacklist Russia’s cyber operators over efforts to destabilize Europe
The EU and the UK jointly sanctioned dozens of Russian individuals and entities, accusing Moscow of coordinating a malicious cyber ecosystem targeting Europe, its member states, and international partners. The UK sanctioned 24 individuals and entities, while the EU imposed…
Tidal Cyber connects assets, vulnerabilities, and threats through Threat-Led Defense
Tidal Cyber has announced Threat-Led Asset Visibility and Vulnerability Prioritization, new innovations extending the company’s Threat-Led Defense platform. The announcement marks a significant advancement in defensive security, shifting the industry beyond static asset inventories, CVSS scoring, and disconnected exposure management…
Lumen expands managed detection and response with Cortex XSIAM integration
Lumen Technologies has announced Lumen Defender Advanced Managed Detection and Response (AMDR) for Palo Alto Networks Cortex XSIAM. Attackers are increasingly operating earlier in the lifecycle while AI is accelerating threat speed. This expanded service will bring together Lumen’s managed…
Cloudflare Precursor uses continuous behavioral analysis to stop advanced bots
Cloudflare has announced the general availability of Precursor, a next-generation, continuous behavioral validation engine for bot management. Precursor runs seamlessly inside web browsers to monitor entire user sessions in order to detect bot automation. Unlike static CAPTCHAs, it analyzes ongoing…
Fake OAuth client IDs are helping attackers slip past sign-in logs
Attackers running account enumeration against Microsoft cloud tenants have added a step that keeps their probing out of the usual telemetry. They spoof the OAuth client ID, the globally unique identifier assigned to an application and passed as client_id in…
Ransomware negotiator who betrayed clients sentenced to 70 months in prison
A former ransomware negotiator at incident response firm DigitalMint has been sentenced to 70 months in prison after admitting he shared confidential client information with the BlackCat ransomware group and later helped carry out ransomware attacks. Prosecutors say Angelo Martino,…
Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
A “credible external security threat” targeting Progress Software’s ShareFile Storage Zone Controllers (SZC) – the on-premises, customer-managed server components where organizations store files shared via this popular enterprise platform – has spurred the company to disable access to ShareFile accounts…
Claude Code users keep 50% higher limits until July 19
Anthropic has extended a limited-time promotion that increases weekly usage limits in Claude Code by 50% through July 19, 2026, at 11:59 PM PT. When the promotion ends, weekly usage limits will return to their standard levels without any changes…
FastNetMon eliminates third-party bgp lookups with Netomics
FastNetMon is introducing Netomics, a self-hosted BGP routing intelligence platform that combines live routing data, registry information, RPKI validation, routing history and AI-assisted querying into a single application. Built for internet service providers (ISPs), cloud providers, Internet Exchange Points (IXPs)…
Why SBOMs, signing, and provenance still don’t tell you if software is safe
We have made real progress in software supply chain security, improving visibility into software components, authenticity and build integrity. Much of this progress traces back to Executive Order 14028, which pushed agencies, contractors and enterprises to invest in SBOMs, signing…
Cynative: Open-source deep research agent
Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke around can delete a bucket, flip a permission, or…
Microsoft demystifies how Windows updates work
Microsoft has published a guide explaining the Windows servicing model, outlining the purpose of monthly security updates, optional preview releases, hotpatch updates, and the mechanisms used to deliver new features throughout the year. “Most individuals and organizations regularly deploy monthly…
A hardware security AI assistant that checks chips for hidden backdoors
Chip designers license blocks of circuitry from outside vendors and drop them into larger products. A single processor can carry components from a range of suppliers, each written by a company the buyer may never deal with directly. A malicious…
99.9% of fixable AI vulnerabilities remain unpatched
Organizations build, deploy, and operate AI in the cloud, but basic cybersecurity hygiene is often sacrificed for speed, according to Orca Security’s 2026 State of AI Security Report. Building AI without security Fifty-six percent of AI adopters have deployed agent…
Enterprises are rethinking where their AI applications run
Growing demand for compute capacity, power, cooling and low-latency connectivity is prompting organizations to reassess where AI applications run, according to CoreSite. Public cloud continues to support experimentation and rapid deployment, while colocation is increasingly used for workloads that require…
Debian 13.6 security update patches over a hundred advisories in trixie
Most PCs still run with a UEFI Secure Boot certificate authority, installed by default since 2013, that has now expired. That certificate signed the bootloaders letting machines start with Secure Boot turned on. Its expiry sits at the center of…
Week in review: Accenture data breach, great open-source cybersecurity tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing the inbox: Where identity, brand and security meet Getting a verified logo to appear next to your email has traditionally meant having to work…
Incode brings on-device processing to age estimation for privacy-focused verification
Incode has launched On-Device Age Estimation, an age verification capability that performs age estimation and liveness detection directly on the user’s device, without transmitting facial data off the device. The company’s age estimation models are now available to run entirely…
July 2026 Patch Tuesday forecast: Is CVE tracking still practical?
I was off by a month in my forecast of record-setting CVE releases from Microsoft. In June, we saw the deluge of over 200 reported CVEs that I expected in May. There were 116 CVEs for Windows 11 and 104…