Romania’s National Agency for Cadastre and Land Registration (ANCPI) suffered a major disruption on Tuesday, July 14, when its e-Terra cadastre and land registry app became unavailable to users. What was first declared to be a “major technical incident” has…
Category: Help Net Security
Lineation.ai focuses on runtime security for autonomous AI agents
Lineation.ai has announced the public launch of its comprehensive agentic security platform. Delivering a solution at the intersection of GenAI Application Security and Runtime Defense, Lineation introduces a Zero Trust unified control plane and a lightweight endpoint daemon that secures…
Tenable One unifies code risks with enterprise exposure data
Tenable has announced the expansion of the Tenable One Exposure Management Platform, unifying application security risks with all other exposure data. By integrating static code vulnerability data, Tenable One delivers complete, code-to-runtime visibility across the entire attack surface. Security teams…
Police take down investment fraud network that stole €100 million a month
Dutch police, working alongside Belgian authorities and Europol, have dismantled a major criminal network accused of operating a global investment fraud scheme through dozens of fraudulent call centers. Investigators estimate the organization generated more than €100 million a month by…
Microsoft makes Windows SSO prompts easier to manage
Microsoft is introducing a new registry-based policy that lets IT administrators automatically accept Windows SSO permissions on Windows 11 versions 24H2 and 25H2 devices managed with Microsoft Entra ID. Users with personal Microsoft accounts and devices outside policy-managed environments will…
VS Code agent host runs Copilot, Claude, and Codex in a dedicated process
Developers who lean on AI coding agents often keep several editor windows open at once, each tied to its own session. The 1.129 release of Visual Studio Code reworks that setup with a dedicated agent host. A dedicated process for…
Reading between the lines of a cyber insurance policy
Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these policies reached about $16 billion in premiums in 2024. Coverage has become widespread. Payouts have…
What public money does to open-source projects
Most of the software running inside a typical company was written by volunteers the company never paid. Open-source code sits under web apps, build pipelines, and the machine learning stacks getting so much attention right now. Roughly 96 percent of…
Ransom demands are down, email is the top way attackers get in
An employee opens an email that looks like any other, clicks a link, and gives up a password without noticing. A stolen login opens a door deeper in the network. Files stop opening a few days later. That chain now…
Companies keep getting breached by vulnerabilities they already knew about
Scanning tools have gotten good at their work. Organizations now find more weaknesses across more of their systems than at any earlier point in the industry’s history. A survey from the security firm Vicarius points to a gap that opens…
Finance phishing works because it sounds boringly normal
Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for threat actors. According to Cofense, attackers exploit those workflows with phishing emails that resemble legitimate…
GPT-Red beat human red teamers on a prompt injection test
GPT-Red is an automated red-teaming model that OpenAI trains to find prompt injection weaknesses. It works the way a human red-teamer does. It sends a prompt, watches how a GPT model responds, and iterates toward a goal such as a…
LabubaRAT malware infiltrates Windows systems while posing as NVIDIA software
LabubaRAT, a previously undocumented Rust-based remote access tool (RAT) masquerading as NVIDIA software that enables post-compromise operations on Windows systems, has been uncovered by Blackpoint Cyber. According to researchers, LabubaRAT creates “a reusable foothold for hands-on activity.” Once deployed, it…
F5 Insight for ADSP enhances BIG-IP operations with guided updates and AI audit trails
F5 has announced new fleet management capabilities for F5 Insight for ADSP that help enterprises reduce risk exposure across F5 BIG-IP environments as frontier AI compresses vulnerability response timelines. The new F5 Insight workflows give security and operations teams fleet-wide…
Xint Pulse offers on-demand black-box penetration testing for web applications
Xint.io has launched Xint Pulse, a black-box autonomous penetration testing tool that provides product security teams with on-demand security assessments of their applications. Unlike the company’s enterprise platform, which is designed for continuous testing, Xint Pulse is intended for timely,…
Socure rolls out Remote Verifier for higher-risk identity checks
Socure has launched Remote Verifier in RiskOS, a new identity verification tool that helps organizations verify identities requiring additional review while reducing manual effort. Socure’s AI-powered document verification solution instantly verifies more than 99% of identities on the first try,…
Threat actor impersonated hundreds of brands on GitHub to push infostealer malware
A financially motivated threat actor is impersonating hundreds of brands on GitHub and pushing a smash-and-grab infostealer masquerading as legitimate downloads of popular software, Arctic Wolf threat researchers have warned. “The 292 impersonated repositories span security tooling, fintech and personal…
LatticeFlow AI connects governance frameworks with continuous AI risk monitoring
LatticeFlow AI has announced a platform for managing AI risk across agentic systems. Organizations are deploying autonomous AI in critical business processes, while governance approaches based on documentation and point-in-time assessments struggle to keep up with evolving risks. The LatticeFlow…
Radware adds cloud intelligence to DefensePro X for web DDoS defense
Radware has announced a new cloud-augmented protection architecture for DefensePro X, extending the platform with new AI-powered cloud algorithms while keeping traffic inspection and mitigation locally within customer premises. The first such service released is Cloud Web DDoS Protection for…
Binary Defense’s NightBeacon CMD helps enterprise SOC teams automate threat investigations
Binary Defense has announced NightBeacon CMD, a standalone AI-driven SOC workbench that enterprise security teams can deploy in their own environments. Built and hardened inside Binary Defense’s live 24/7 Security Operations Center (SOC), NightBeacon CMD gives customers the same operating…