LabubaRAT, a previously undocumented Rust-based remote access tool (RAT) masquerading as NVIDIA software that enables post-compromise operations on Windows systems, has been uncovered by Blackpoint Cyber. According to researchers, LabubaRAT creates “a reusable foothold for hands-on activity.” Once deployed, it…
Category: Help Net Security
F5 Insight for ADSP enhances BIG-IP operations with guided updates and AI audit trails
F5 has announced new fleet management capabilities for F5 Insight for ADSP that help enterprises reduce risk exposure across F5 BIG-IP environments as frontier AI compresses vulnerability response timelines. The new F5 Insight workflows give security and operations teams fleet-wide…
Xint Pulse offers on-demand black-box penetration testing for web applications
Xint.io has launched Xint Pulse, a black-box autonomous penetration testing tool that provides product security teams with on-demand security assessments of their applications. Unlike the company’s enterprise platform, which is designed for continuous testing, Xint Pulse is intended for timely,…
Socure rolls out Remote Verifier for higher-risk identity checks
Socure has launched Remote Verifier in RiskOS, a new identity verification tool that helps organizations verify identities requiring additional review while reducing manual effort. Socure’s AI-powered document verification solution instantly verifies more than 99% of identities on the first try,…
Threat actor impersonated hundreds of brands on GitHub to push infostealer malware
A financially motivated threat actor is impersonating hundreds of brands on GitHub and pushing a smash-and-grab infostealer masquerading as legitimate downloads of popular software, Arctic Wolf threat researchers have warned. “The 292 impersonated repositories span security tooling, fintech and personal…
LatticeFlow AI connects governance frameworks with continuous AI risk monitoring
LatticeFlow AI has announced a platform for managing AI risk across agentic systems. Organizations are deploying autonomous AI in critical business processes, while governance approaches based on documentation and point-in-time assessments struggle to keep up with evolving risks. The LatticeFlow…
Radware adds cloud intelligence to DefensePro X for web DDoS defense
Radware has announced a new cloud-augmented protection architecture for DefensePro X, extending the platform with new AI-powered cloud algorithms while keeping traffic inspection and mitigation locally within customer premises. The first such service released is Cloud Web DDoS Protection for…
Binary Defense’s NightBeacon CMD helps enterprise SOC teams automate threat investigations
Binary Defense has announced NightBeacon CMD, a standalone AI-driven SOC workbench that enterprise security teams can deploy in their own environments. Built and hardened inside Binary Defense’s live 24/7 Security Operations Center (SOC), NightBeacon CMD gives customers the same operating…
Nudge Security automates detection of risky OAuth grants and browser extensions
Nudge Security has announced new agentic capabilities to help security and IT teams find and remediate malicious and high-risk OAuth grants and browser extensions, two of the fastest-growing and hardest to manage attack surfaces in the enterprise. The new agents…
Spanish police dismantle €140 million cybercrime network
Spanish National Police have dismantled a cybercrime network accused of stealing and laundering about €140 million through fake investment platforms, CEO fraud, invoice fraud, and man-in-the-middle attacks. Four people were arrested as part of the operation: two in Portugal, one…
Polygraf AI Meeting Guard delivers real-time deepfake detection for enterprise meetings
Polygraf AI has announced Meeting Guard, a real-time AI fraud detection solution for enterprise meetings built to detect fraud and protect meeting security. AI can clone a voice, animate a face, and answer every interview question in real time, making…
ClickFix is changing the economics of social engineering
ClickFix has moved from a one-off social engineering trick into an industrialized attack ecosystem that is outpacing conventional antivirus and endpoint defenses, according to ReversingLabs. The technique first showed up in late 2023 and early 2024, and Proofpoint named it…
AI-driven bug hunting fuels record Microsoft Patch Tuesday
Microsoft has released patches for 570+ vulnerabilities on July 2026 Patch Tuesday, including two that are being leveraged by attackers (CVE-2026-56155 and CVE-2026-56164), and one that was previouly disclosed (CVE-2026-50661). The release was once again followed by Nightmare Eclipse publishing…
FreeRDP 3.29.0 security update resolves 22 advisories
FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license, and it runs on a large share of workstations and servers through the many tools built on it. The 3.29.0 version is a security, bugfix,…
AWS retools Security Hub for AI and multicloud threats
AWS added AI workload protection and Microsoft Azure security monitoring to Security Hub, its centralized security platform for collecting and prioritizing security findings across cloud environments. Support for additional cloud platforms will follow. “Collecting findings was never the hard part.…
Product showcase: Trust Chain TPRM turns vendor compliance evidence into verified assurance
Trust Chain is an AI-native third-party risk management (TPRM) solution by Strike Graph that replaces the security questionnaire model with validated evidence of compliance. Rather than asking vendors to self-report their security posture, Trust Chain requires vendors to submit evidence,…
Fortinet adds AI controls and data loss prevention to FortiEndpoint
Fortinet has announced new capabilities for its unified endpoint platform, FortiEndpoint, designed to help organizations securely adopt AI, protect sensitive data, and reduce risk. By bringing AI visibility and control, native data security, endpoint risk scoring, and FortiAI-assisted operations into…
SingGuard-NSFA: Open-source guardrails for agentic AI
SingGuard-NSFA is an open-source guardrail framework aimed at operational threats in agent workflows. Four models ship at 0.8B, 2B, 4B, and 9B parameters, all built on Qwen3.5 base backbones. Risk taxonomy The NSFA risk taxonomy organizes threats along the CIA…
The MDR renewal question: What changes when AI can handle the alerts
For most of the past decade, the managed detection and response (MDR) decision was a simple one: teams that couldn’t staff a 24/7 SOC outsourced detection and response to a provider who could. It solved a resources problem, and the…
AI used to help plan the break-in, now it’s doing the break-in
Over the past twelve months, researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of commands across dozens of sessions with minimal human direction, according to Check Point’s AI Security Report 2026. AI-powered cyber attacks The attackers…