Category: Help Net Security

Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. According to Microsoft MVP Steven Lim, the page has claimed nearly 1,500 victims in 12 days.…

Read more →

Netskope has announced NewEdge AI Fast Path, a set of capabilities designed to optimize network paths to critical AI destinations, including applications hosted in public, private, or neo-cloud environments. The offering reduces latency and costs, improves performance and resilience, and…

Read more →

SentinelOne has unveiled its Singularity Identity portfolio designed to secure the growing population of non-human identities, including AI agents, service accounts, APIs, and workloads. Identity attacks have long been a go-to tactic for nation-state actors and cybercriminals. Most defenses focus…

Read more →

CloudCasa has announced enhancements to its backup and recovery platform designed to support Red Hat OpenShift environments across core, edge, and hybrid cloud deployments. The latest CloudCasa updates introduce SMB protocol support as a backup storage target, enabling organizations to…

Read more →

Veza expanded its platform with Veza Access Agents, a set of purpose-built AI agents designed to automate complex identity and access governance tasks for enterprises. Veza also announced advancements to its AI Agent Security product, providing organizations with deeper visibility…

Read more →

Anthropic has introduced a new Claude Code feature called Remote Control, allowing developers to continue a local coding session from a phone, tablet, or any web browser. The feature is rolling out as a research preview to Max users. This…

Read more →

The UK’s Information Commissioner’s Office (ICO) has fined Reddit $19.5 million after finding that the company failed to use children’s personal information lawfully, exposing them to inappropriate and harmful content. The investigation found that Reddit did not apply an age…

Read more →

SolarWinds has fixed four critical vulnerabilities in its popular Serv-U file transfer solution, which is used by businesses and organizations of all sizes. If exploited, the flaws may allow attackers to create a system admin user and/or execute code as…

Read more →

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused by…

Read more →

Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has been sentenced to 87 months in prison by a federal judge in Washington, D.C., after pleading guilty to stealing and selling sensitive cyber-exploit trade secrets to a Russian broker.…

Read more →

Apple has introduced expanded age assurance tools to help developers comply with regulations taking effect in Brazil, Australia, Singapore, Utah, and Louisiana. The updates, available in beta, expand the Declared Age Range API and related App Store systems. Age-based download…

Read more →

Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total capital invested approached $150 billion for the year, with a disproportionate share flowing into…

Read more →

The Microsoft Quantum Development Kit (QDK) is an open-source toolkit that runs on laptops and in common development environments. It includes code, simulators, libraries, and workflows that work with Visual Studio Code and GitHub Copilot. Integration with these tools gives…

Read more →

Airline brands sit at the center of peak travel booking cycles, loyalty programs, and high value transactions. Criminal groups continue to register thousands of lookalike domains tied to these brands, targeting travelers, employees, and business partners. Recent threat intelligence from…

Read more →

Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions recorded over 162 days. The concentration on edge infrastructure aligns with how attackers pursue initial access across…

Read more →

Two South Korean teenagers have been charged in connection with a cyberattack that compromised the personal data of 4.62 million users of Seoul’s public bike service, Ttareungyi. The compromised data included user IDs, mobile phone numbers, addresses, dates of birth,…

Read more →

Forescout introduced Forescout VistaroAI, which thinks like a security expert instead of a chatbot. It eliminates the need for prompt engineering by delivering role-based automation with human-in-the-loop control, resulting in faster, more accurate risk decisions and an improved user experience…

Read more →

Veeam Software announced Agent Commander, a unified solution to help organizations safely detect AI risk, protect AI systems, and undo AI mistakes, enabling them to proactively address AI-driven risks and securely scale AI agents everywhere. The first integration from Veeam’s…

Read more →

Druva announced a major expansion of DruAI, adding Deep Analysis Agents that automate complex multi-day forensic and compliance investigations. IT and security teams spend too much time not just fixing problems, but proving what happened and why across incident response,…

Read more →

Aikido Security has unveiled Aikido Infinite, a continuous AI penetration testing solution that autonomously validates and remediates vulnerabilities. Infinite reduces risk with every release by testing software changes as they move through deployment, confirming exploitability, and fixing vulnerabilities within the…

Read more →