Discern Security has introduced new agentic AI capabilities across its proactive security platform, designed to help security teams move faster from data to action. As environments become more complex and security teams face growing tool sprawl, fragmented workflows, and too…
Category: Help Net Security
Cobalt adds continuous pentesting AI capabilities to scale offensive security and real-world risk
Cobalt has released new AI capabilities for continuous pentesting. Delivered through the Cobalt Offensive Security Platform, these next-generation components integrate AI with human pentesters and more than a decade of proprietary pentesting intelligence to accelerate the speed, scale, and depth…
Komodor unveils Klaudia AI extensibility framework to power multi-agent incident resolution
Komodor has unveiled a new extensibility framework that transforms its Klaudia AI technology into a universal multi-agent platform for troubleshooting and optimizing the performance of complex cloud native infrastructures and applications. This new architecture enables organizations to extend Klaudia AI…
Teleport announced Beams, wants to remove major barrier to agentic AI
Teleport today announced Beams, a trusted runtime designed to solve the security and IAM challenges blocking teams from designing and running AI agents in production infrastructure. Beams runs each agent in an isolated Firecracker VM with built-in identity. Each Beam…
Secure endpoint management systems immediately, CISA urges
The US Cybersecurity and Infrastructure Security Agency (CISA) warns that the cyberattack on Stryker Corporation serves as a signal to U.S. organizations that foreign cyber activity tied to Middle East conflicts may be spilling into their operations. Attackers breached Stryker’s…
CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities (KEV)…
Google limits Android accessibility API to curb malware abuse
Google is restricting how Android apps can use accessibility features after years of abuse by banking Trojans and mobile malware. The changes, introduced in Android 17.2, limit access to the accessibility API when Advanced Protection Mode (APM) is enabled. Apps…
EDR killers are now standard equipment in ransomware attacks
Ransomware attackers routinely deploy tools designed to disable endpoint detection and response software before launching encryptors. These tools, known as EDR killers, have become a standard component of ransomware intrusions. ESET Research tracked nearly 90 EDR killers actively used in…
900,000 contact records exposed in Aura data breach
Aura, the online safety service, confirmed that an unauthorized party accessed about 900,000 records, mostly names and email addresses from a marketing tool linked to a company it acquired in 2021. The incident occurred as a result of a targeted…
Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults
Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive AD attributes, and introduces configuration options to counter two related Kerberos impersonation techniques. A CVE…
Keysight SBOM Manager simplifies global cybersecurity compliance and software transparency
Keysight Technologies has launched Keysight SBOM Manager, a new solution designed to help organizations meet growing global cybersecurity and software transparency requirements, led by the European Union’s Cyber Resilience Act (CRA). The solution provides a unified approach to generating, managing,…
Arcjet enables inline defense against prompt injection in production AI systems
Arcjet has released AI Prompt Injection Protection, a new capability designed to stop prompt injection attacks before they reach production AI models. The feature detects hostile prompts at the application boundary and gives developers a decision point inside the request…
Java 26 ships with new cryptography API and HTTP/3 support
Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding…
Omnix AI Advisor brings real-time credential threat insights to enterprise security teams
Dashlane has unveiled Omnix AI Advisor, a natural-language AI security assistant embedded into the Dashlane Omnix platform. Built upon Omnix’s advanced credential protection and visibility capabilities, Omnix AI Advisor accelerates enterprises’ transition to a proactive security posture by turning real-time…
AI got it wrong with high confidence. Now what?
In this Help Net Security interview, Christian Debes, Head of Data Analytics & AI at SPRYFOX, talks about the growing gap between what AI models do and what their operators can explain. He argues this gap is already a liability,…
Betterleaks: Open-source secrets scanner
Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that project has now released a new tool called Betterleaks, which is designed to…
Elite members of North Korean society fake their way into Western paychecks
Increased federal activity, including indictments over the past year, has drawn attention to a pattern that has been unfolding inside corporate hiring pipelines. North Korean nationals are securing roles as remote IT contractors and full-time staff within organizations across North…
Your APIs are under siege, and attackers are just getting warmed up
Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report places these patterns within the same operating environment, with activity increasing across each area through 2025. The…
Token Security advances AI agent protection with intent-based controls
Token Security has unveiled intent-based AI agent security, a new approach that governs autonomous agents in enterprise environments by aligning their permissions with their intended purpose. As organizations deploy autonomous AI agents across enterprise infrastructure, security models are struggling to…
Menlo Security delivers unified governance and threat prevention for AI agents and humans
Menlo Security has unveiled the Browser Security Platform, purpose-built to secure the agentic enterprise, where autonomous AI agents will outnumber human employees and the browser has become the operating system for both. Menlo provides unified control plane to apply machine-speed…