Category: Help Net Security

Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. “Attackers are abusing get_portal_info to extract the x-ns-company value before establishing a WebSocket channel,” Ryan Dewhurst, Head of Threat Intelligence at…

Read more →

Proofpoint has acquired Acuvity, strengthening its platform with AI-native visibility, governance, and runtime protection for AI and agent-driven workflows. As generative AI reshapes how work gets done, organisations are deploying AI copilots, autonomous agents, and model-connected applications across every function,…

Read more →

OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions of the Codex app, the command-line interface, and the VS Code extension. The…

Read more →

The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have distributed a tool known as JokerOTP, a bot used to intercept one-time passwords (OTPs)…

Read more →

Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and…

Read more →

Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many environments, malicious actors with access to the OT network can impersonate devices, issue unauthenticated commands,…

Read more →

Security teams running Ubuntu in production often delay major OS upgrades until the next point release arrives with accumulated patches and newer hardware support. Ubuntu 24.04.4 LTS is now available as refreshed installation media for Noble Numbat, bundling the latest…

Read more →

Arctic Wolf has announced new endpoint security capabilities for its Managed Service Provider (MSP) partners. The addition of Aurora Managed Endpoint Defense, powered by the Arctic Wolf Aurora Platform, enables partners to deliver stronger customer protection, streamline service delivery, and…

Read more →

Edge computing is spreading fast, from factory floors to remote infrastructure. But many of these systems are hard to maintain once they are deployed. Devices may run old kernels, custom board support packages, or stacks that no one can rebuild…

Read more →

Threat actors are using AI across the attack lifecycle, increasing speed, scale, and adaptability, according to the 2026 State of Cybersecurity report by Ivanti. The study compares perceived threat levels across common attack types with organizational readiness to respond and…

Read more →

Private equity firms have spent years treating cybersecurity as an IT hygiene issue inside portfolio companies. That approach is getting harder to sustain as ransomware, data theft, and regulatory pressure interfere with value creation during the hold period. Has cybersecurity…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Armis, Black Duck, Portnox, and SpecterOps. Armis Centrix brings unified, AI-driven application security to the SDLC Armis has announced Armis Centrix for Application Security, which…

Read more →

Black Duck has announced the availability of a set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) platforms, including GitHub, GitLab, Azure DevOps, and Bitbucket. The Polaris Platform is an integrated, software-as-a-service application security…

Read more →

Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be exploited by attackers to achieve remote code execution on targets’ Windows system. About CVE-2026-20841…

Read more →

NowSecure announced the launch of AI-Navigator, new functionality that streamlines and improves mobile application security testing. By automating authentication workflows, NowSecure enables security teams to dynamically test mobile apps for vulnerabilities and privacy leaks up to 90% faster. “Mobile apps…

Read more →

Research has shown that some AI models can identify phishing websites with near-perfect accuracy when asked. When those same models are used as autonomous agents with access to tools like email, web browsers, and password vaults, they can still carry…

Read more →

Apple has released fixes for a zero-day vulnerability (CVE-2026-20700) exploited in targeted attacks last year. CVE-2026-20700 is a memory corruption issue in dyld, the Dynamic Link Editor component of Apple’s operating systems, and may allow attackers with memory write capability…

Read more →

Microsoft has introduced new developer tools, updates to developer analytics, and a Web Installer in the Microsoft Store on Windows to help developers build and scale apps on the platform. “The Microsoft Store on Windows continues to evolve, shaped by…

Read more →

OpenVPN version 2.7.0 is now available. The update advances support for multi-address server configurations and updates client functionality across operating systems. The release includes enhancements in data channel handling and support for evolving kernel and cryptographic components. Server enhancements Version…

Read more →

BlueCat Networks has unveiled BlueCat Horizon, a SaaS-based platform designed to modernize how enterprises and mid-market organizations operate, secure, and evolve their networks through AI-assisted insights and coordinated action across the network. BlueCat Horizon introduces a common set of platform…

Read more →