A technical build log of the Multi-Agent Control Room, where AI agents pay invoices, escalate denials, and every action is identity-governed through OPA policies, RFC 8693 delegation tokens, and the Maverics AI Identity Gateway. Four AI agents share a corporate…
What vibe hunting gets right about AI threat hunting, and where it breaks down
In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfront, the AI scans datasets for anomalous patterns…
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallet Installs
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. “This flaw allows apps on the same device to bypass Android security…
AWS Fixes Severe RCE, Privilege Escalation Flaws in Research and Engineering Studio
AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web portal that allows administrators to create and manage secure cloud-based research environments. Security researchers identified three major flaws…
DesckVB RAT Uses Fileless .NET Loader to Evade Detection
DesckVB RAT is emerging as a highly active and stealthy malware threat in 2026, leveraging layered obfuscation and fileless execution techniques to bypass traditional security defenses. The attack chain begins with a malicious JavaScript file that hides its true intent…
News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk
AUSTIN, Texas, Apr. 9, 2026, CyberNewswire—Mallory is launching a AI-native threat intelligence platform, purpose-built to answer the questions CISOs and their teams are asking every day: •What are the real threat vectors for our organization? •What’s actually exploitable … (more…)…
Health insurance lead sites sell personal data within seconds of form submission
Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by researchers at UC Davis, Stanford University, and Maastricht University mapped this process…
WhatsApp Adds Username Feature to Boost Privacy and Reduce Number Sharing
For years, WhatsApp required users to share their personal phone numbers to communicate. This is finally changing. To improve user privacy and mitigate risks like doxing or targeted spam, WhatsApp is rolling out a highly anticipated username feature. This update…
Product showcase: Session, a messenger without phone numbers or metadata
Instant messaging has been around for decades, but it became widely adopted with the emergence of smartphones. Earlier, communication was limited to basic text messages. Messaging expanded to include photos, videos, and video calls without relying on telecom networks, as…
WhatsApp Introduces Username Feature for Connecting Without Sharing Phone Numbers
WhatsApp is preparing to roll out a long-anticipated username feature that will allow users to communicate without ever revealing their phone numbers, a significant privacy upgrade for one of the world’s most widely used messaging platforms. First spotted by WABetaInfo…
New infosec products of the week: April 10, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Advenica, Intruder, Mallory, and Secureframe. Mallory brings contextual threat intelligence to security operations Mallory is launching an AI-native threat intelligence platform that monitors thousands of…
The Sad Decline of Trenchant Exec Who Had Everything, Before Deciding to Steal and Sell Zero Days to Russian Buyer
Peter Joseph Williams, a former L3 Trenchant executive recently convicted of secretly selling zero-day exploits to a Russian broker, says he was suffering anxiety, burnout, years of depression, and financial difficulties when he decided to steal exploits from his US…
IT Security News Hourly Summary 2026-04-10 06h : 1 posts
1 posts were published in the last hour 3:7 : What’s New in GravityZone April 2026 (v 6.72)
What’s New in GravityZone April 2026 (v 6.72)
Bitdefender rolled out new functionality in Bitdefender GravityZone, a unified cybersecurity platform that provides prevention, protection, detection, and response capabilities for organizations of all sizes. These features, consistent with our multi-layered security strategy, are intended to ease the workload of…
Malicious password-protected files – Blog | Menlo Security
Discover the rising threat of malicious password-protected files, evading defenses via encryption and alternative channels. The post Malicious password-protected files – Blog | Menlo Security appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the…
Zero-Trust Telemetry for Quantum-Era AI Resource Orchestration
Explore how to secure Model Context Protocol (MCP) deployments with zero-trust telemetry and post-quantum cryptography for AI resource orchestration. The post Zero-Trust Telemetry for Quantum-Era AI Resource Orchestration appeared first on Security Boulevard. This article has been indexed from Security…
IT Security News Hourly Summary 2026-04-10 03h : 1 posts
1 posts were published in the last hour 0:9 : Kasada Partners with the Retail and Hospitality ISAC as Title Sponsor of 2026 Cybersecurity Summit
Kasada Partners with the Retail and Hospitality ISAC as Title Sponsor of 2026 Cybersecurity Summit
Kasada will headline the 2026 RH-ISAC Cybersecurity Summit, addressing bot-driven fraud, AI-powered cybersecurity threats, and agentic commerce across retail and hospitality sectors. The post Kasada Partners with the Retail and Hospitality ISAC as Title Sponsor of 2026 Cybersecurity Summit appeared…
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic…
How are NHIs supported in complex IT architectures
How Do Non-Human Identities Fit into Complex IT Architectures? Have you ever wondered how organizations maintain secure environments where complex IT architectures, especially when it comes to non-human identities (NHIs)? With machine identities become increasingly essential in automating processes and…
How can Agentic AI bring calm to hectic operations
What Role Do Non-Human Identities Play in Achieving Calm Operations? Managing operations is no small feat, especially when it comes to cybersecurity. But have you ever considered how non-human identities (NHIs) can significantly impact the operational stability of your organization?…
Are Agentic AI systems truly scalable for large enterprises
What Is the Role of Non-Human Identities in Cybersecurity? Where increasingly governed by technology, it’s crucial to examine the security of Non-Human Identities (NHIs). These machine identities play a pivotal role in cybersecurity but are often overlooked in favor of…
IT Security News Hourly Summary 2026-04-10 00h : 4 posts
4 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-04-09 21:32 : Is Your Liquibase Community Project Ready for the AI Era? 21:14 : Applying Oracle 19c Release Update (RU): A Practical Guide from…
IT Security News Daily Summary 2026-04-09
181 posts were published in the last hour 21:32 : Is Your Liquibase Community Project Ready for the AI Era? 21:14 : Applying Oracle 19c Release Update (RU): A Practical Guide from My DBA Experience 21:13 : Eurail data breach…