The US Cybersecurity and Infrastructure Security Agency (CISA) is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild. The flaw was added to the agency’s Known Exploited Vulnerabilities catalog on Tuesday, July 7, nearly two weeks…
Category: Help Net Security
Blackpoint AI SOC Agent autonomously contains identity-based attacks
Blackpoint Cyber has unveiled the generally available autonomous response capability, Blackpoint AI SOC Agent for identity threat detection and response (ITDR). Using an AI + human hybrid model, the AI SOC Agent acts on high-confidence threats targeting Microsoft 365 and…
Censys Internet Map links real-time DNS data to internet infrastructure
Censys has announced the expansion of the Censys Internet Map to include real-time DNS visibility. Security teams can now seamlessly pivot between domains, names, and the Internet infrastructure behind them on the Censys Platform. With active DNS data now part…
FalconStor Cloud Clean Room enables validated recovery without dedicated infrastructure
FalconStor has announced FalconStor Cloud Clean Room, an on-demand infrastructure platform designed to let organizations perform validated recovery testing in a persistent secure enclave. Each test starts from a known state, reducing the risk of carrying issues over from previous…
First Recon AI Security Runtime helps enterprises govern AI with audit-ready evidence
First Recon AI has announced the public launch and general availability of First Recon’s AI Security Runtime, a security platform that both governs and secures how enterprises use artificial intelligence across an organization. First Recon’s runtime inspects every AI interaction…
DNSFilter makes its DNS threat protection available to OEM partners
DNSFilter has launched an Original Equipment Manufacturing (OEM) program that lets external ISPs, cybersecurity firms, device makers, and other consumer app developers to embed their DNS threat protection, domain analysis, and privacy solutions into their own platforms and solutions. Partners…
Attestiv DeepScan combines AI and forensic analysis for file validation
Attestiv announced the launch of DeepScan, a new platform built to help organizations automatically validate submitted files before they drive critical business decisions. DeepScan represents a major architectural shift for Attestiv and its customers: moving from detecting fake or manipulated…
Accenture acknowledges security incident following 35GB data theft claim
Accenture appears to have suffered a data breach, the extent of which is currently unknown. On Monday, a threat actor going by the handle “888” posted on the cybercrime forum PwnForums, claiming to have breached the technology consulting company and…
Crusoe brings serverless fine-tuning to AI model development
Crusoe has announced Serverless Fine-Tuning and Self-Serve Deployments in Crusoe Intelligence Foundry, the managed AI platform for Crusoe Cloud. These capabilities give data scientists and ML engineers a complete path from proprietary data to production-ready models, on purpose-built AI infrastructure,…
Automox MCP Server adds visual reviews and AI-driven patch policy creation
Automox has released Automox MCP Server 2.2, adding interactive review surfaces, first-class Patch by Severity policy creation, and live capability discovery to its governed agentic interface for endpoint operations. The release advances Automox MCP beyond natural-language access alone, giving IT…
Codenotary launches AI security platform that learns from AI agent behavior
Codenotary has announced AgentMon 3, the latest generation of its enterprise AI security platform, introducing adaptive runtime security policies. These continuously evolve as AI agents operate across an organization by learning from customer-specific workflows, observed behavioral patterns, and newly emerging…
ScienceLogic adds geographic service visibility to Skylar One
ScienceLogic has released the “Kyoto” update for Skylar One, the core observability offering in its AI Platform. The release adds geographic service visibility, simplified location and device management, enhanced relationship mapping, and platform updates aimed at improving observability across hybrid…
Thousands of malicious AI skills found capable of stealing data, running malware
AI agents can browse the web, use external tools, execute commands, and perform tasks on behalf of users. Many rely on skills that define how they interact with services and data. Malicious skills can abuse those capabilities to steal data,…
Claude Cowork turns your phone into a remote control for AI work
Anthropic started rolling out Claude Cowork, an AI agent that completes multi-step tasks, in beta for Max users on mobile and the web. They describe a goal, and Claude plans the work, uses the required tools, and produces outputs such…
Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
In this interview with Help Net Security, Miranda Ritchie, industrial cybersecurity, CISO at Orbia, talks about protecting industrial systems where software runs water, chemical and manufacturing processes. She explains why a cyber incident in these settings can harm people, equipment…
20 open-source cybersecurity tools to keep your team ready for anything
AI is changing how security teams find vulnerabilities, analyze code, test applications, and protect infrastructure. Developers are building tools to secure AI systems themselves, from coding agents and memory protection to model exposure discovery. This roundup covers recent open-source releases…
macOS is becoming a proving ground for AI agents
Somewhere right now, a Mac Mini is sitting on a shelf doing someone’s chores. Nobody’s watching it. It reads a version number out of Terminal, hops over to Safari, digs up a release year, then quietly files a reminder, the…
How to implement a continuous offensive security testing program
The hard part was never finding the exposure. It was deciding what to do about it: whether to patch, mitigate, monitor, or accept, and banking that that decision would still hold tomorrow. A penetration test answers this question for the…
OpenAI and Anthropic are pulling in different directions
Companies are handing routine operational decisions to AI agents that plan, remember, and act on their behalf. These agents run on statistical models, and their behavior can drift across weeks and months. That drift opens a security gap outside the…
Picus Autonomous Exposure Validation Platform validates real-world CVE exploitability
Picus Security has launched the Picus Autonomous Exposure Validation Platform, built for a world where frontier AI has collapsed the time between disclosure and attack. Adversaries now weaponize new CVEs in hours, against a backdrop of around 132 published every…