Adaptiva has announced AirGap for OneSite Patch, a new capability that extends autonomous patch management to air-gapped environments. Developed in response to growing demand from government agencies, critical infrastructure operators, and large enterprises managing highly secure environments, AirGap for OneSite…
Category: Help Net Security
Scattered Spider members jailed over Transport for London hack that cost £29 million
Two members of the notorious “Scattered Spider” hacking collective have been sentenced to five years and six months in prison each for a cyberattack on Transport for London (TfL) that disrupted services for thousands of commuters and cost the transport…
CISA folds its own hard-won lessons into coordinated vulnerability disclosure guidance
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and four allied cyber authorities published a guide telling software vendors how to build a coordinated vulnerability disclosure (CVD) program. Six days earlier, CISA published a blog post explaining how…
Russian cybercriminal used jailbroken Gemini CLI to rebuild botnet infrastructure in six minutes
A Russian-speaking threat actor known as “bandcampro” used a jailbroken Gemini CLI, Google’s open-source terminal-based AI agent, to deploy and operate a small command-and-control (C2) botnet, according to TrendAI. Operational overview (Source: TrendAI) In more than 200 sessions between March…
Intruder brings AI-powered, on-demand penetration testing to web applications
Intruder has announced the launch of AI Pentesting for web applications, providing on-demand penetration testing. Following its initial release of issue-level investigations last quarter, the platform now allows organizations to securely connect their codebases via GitHub or GitLab to automatically…
ValorC3 extends SaaS protection with immutable cloud backups
ValorC3 Data Centers today announced the general availability of Backup as a Service, a fully managed offering that protects the SaaS data businesses rely on most, including Microsoft 365, Entra ID and Salesforce. Every backup is immutable, so data stays…
Romania’s land registry hit by cyber attack, data allegedly for sale
Romania’s National Agency for Cadastre and Land Registration (ANCPI) suffered a major disruption on Tuesday, July 14, when its e-Terra cadastre and land registry app became unavailable to users. What was first declared to be a “major technical incident” has…
Lineation.ai focuses on runtime security for autonomous AI agents
Lineation.ai has announced the public launch of its comprehensive agentic security platform. Delivering a solution at the intersection of GenAI Application Security and Runtime Defense, Lineation introduces a Zero Trust unified control plane and a lightweight endpoint daemon that secures…
Tenable One unifies code risks with enterprise exposure data
Tenable has announced the expansion of the Tenable One Exposure Management Platform, unifying application security risks with all other exposure data. By integrating static code vulnerability data, Tenable One delivers complete, code-to-runtime visibility across the entire attack surface. Security teams…
Police take down investment fraud network that stole €100 million a month
Dutch police, working alongside Belgian authorities and Europol, have dismantled a major criminal network accused of operating a global investment fraud scheme through dozens of fraudulent call centers. Investigators estimate the organization generated more than €100 million a month by…
Microsoft makes Windows SSO prompts easier to manage
Microsoft is introducing a new registry-based policy that lets IT administrators automatically accept Windows SSO permissions on Windows 11 versions 24H2 and 25H2 devices managed with Microsoft Entra ID. Users with personal Microsoft accounts and devices outside policy-managed environments will…
VS Code agent host runs Copilot, Claude, and Codex in a dedicated process
Developers who lean on AI coding agents often keep several editor windows open at once, each tied to its own session. The 1.129 release of Visual Studio Code reworks that setup with a dedicated agent host. A dedicated process for…
Reading between the lines of a cyber insurance policy
Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these policies reached about $16 billion in premiums in 2024. Coverage has become widespread. Payouts have…
What public money does to open-source projects
Most of the software running inside a typical company was written by volunteers the company never paid. Open-source code sits under web apps, build pipelines, and the machine learning stacks getting so much attention right now. Roughly 96 percent of…
Ransom demands are down, email is the top way attackers get in
An employee opens an email that looks like any other, clicks a link, and gives up a password without noticing. A stolen login opens a door deeper in the network. Files stop opening a few days later. That chain now…
Companies keep getting breached by vulnerabilities they already knew about
Scanning tools have gotten good at their work. Organizations now find more weaknesses across more of their systems than at any earlier point in the industry’s history. A survey from the security firm Vicarius points to a gap that opens…
Finance phishing works because it sounds boringly normal
Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for threat actors. According to Cofense, attackers exploit those workflows with phishing emails that resemble legitimate…
GPT-Red beat human red teamers on a prompt injection test
GPT-Red is an automated red-teaming model that OpenAI trains to find prompt injection weaknesses. It works the way a human red-teamer does. It sends a prompt, watches how a GPT model responds, and iterates toward a goal such as a…
LabubaRAT malware infiltrates Windows systems while posing as NVIDIA software
LabubaRAT, a previously undocumented Rust-based remote access tool (RAT) masquerading as NVIDIA software that enables post-compromise operations on Windows systems, has been uncovered by Blackpoint Cyber. According to researchers, LabubaRAT creates “a reusable foothold for hands-on activity.” Once deployed, it…
F5 Insight for ADSP enhances BIG-IP operations with guided updates and AI audit trails
F5 has announced new fleet management capabilities for F5 Insight for ADSP that help enterprises reduce risk exposure across F5 BIG-IP environments as frontier AI compresses vulnerability response timelines. The new F5 Insight workflows give security and operations teams fleet-wide…