Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners that produce findings with no remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala,…
Tag: Help Net Security
Zero trust, zero buzzwords: Here’s what it means
In this Help Net Security video, Murat Balaban, CEO of Zenarmor, breaks down zero trust and zero trust network access (ZTNA) without the buzzwords. The video covers why this approach matters, including the risk of lateral movement after a breach…
Software vulnerabilities push credential abuse aside in cloud intrusions
Cloud intrusions are unfolding on shorter timelines, with attackers leaning more on unpatched software and compromised identities. H2 2025 distribution of initial access vectors exploited in Google Cloud (Source: Google) Google Cloud’s Cloud Threat Horizons Report H1 2026 reflects incident…
Fortinet enhances SecOps with cloud SOC, AI automation, and managed services
Fortinet has announced major innovations across the Fortinet Security Operations (SecOps) Platform. The updates feature next-generation SecOps advancements, including expanded agentic AI capabilities, a preview of FortiSOC, managed services, and endpoint security enhancements delivered through FortiEndpoint. “As attackers weaponize AI…
Messenger can warn you about sketchy links without knowing what you clicked
Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source: Meta) “In its…
Mend.io eliminates AI prompt weaknesses before production
Mend.io has launched System Prompt Hardening within Mend AI to detect, score, and automatically remediate weaknesses in AI system prompts. Hidden instructions in system prompts have emerged as a growing security concern that traditional AppSec tools do not fully address.…
Microsoft flips Windows Autopatch to default hotpatch security updates
Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is…
HR, recruiters targeted in year-long malware campaign
An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this…
Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign…
Terra Portal adds human-governed AI to live production pentesting
Terra Security has announced the launch of Terra Portal, its agentic desktop app that serves as an execution layer for pentesters to direct and oversee AI-driven testing in live production environments. Terra Portal reduces the discovery-to-fix cycle for vulnerabilities from…
This spy tool has been quietly stealing data for years
ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance of Ukrainian…
Teen crew caught selling DDoS attack tools
Seven minors who distributed online programs designed to facilitate DDoS attacks have been identified by Poland’s Central Bureau for Combating Cybercrime (CBZC). They were between 12 and 16 at the time of the crime. CBZC officer during a cybercrime investigation…
Armadin secures $189.9 million to counter AI-driven cyber threats
Armadin has raised $189.9 million in Seed and Series A funding. Led by Accel, with participation from Google Ventures, Kleiner Perkins, Menlo Ventures, In-Q-Tel, and follow-on investment from 8VC and Ballistic Ventures, this marks the largest combined Seed and Series…
Mimecast brings gateway-grade email security to API deployment
Mimecast has announced that its complete email security protection stack is now available through API deployment, eliminating a fundamental trade-off in the market. Standalone integrated cloud email security (ICES) solutions offered fast deployment but came at a cost: they were…
New Claude tool uses AI agents to find bugs in pull requests
Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could trust on every…
Phishing campaign spoofs local officials to steal permit fees
The FBI is warning about a phishing scheme in which cybercriminals impersonate city and county officials to solicit fraudulent payments for planning and zoning permits. Criminals mine publicly available permit data to find likely targets and make their outreach appear…
Escape lands $18 million funding to scale AI-driven offensive security automation
Escape has raised $18 million in Series A funding to automate the entire security lifecycle with AI agents. The round, led by Balderton Capital with participation from Uncorrelated Ventures and existing investors Iris Capital and Y Combinator, will help lean…
Datadog MCP server delivers live observability to AI agents and IDEs
Datadog has announced the general availability of its MCP Server. For developers embedding AI agents into development and operational workflows, the Datadog MCP Server provides access to live observability data, enabling teams to debug with their preferred AI coding agents…
SailPoint expands AI-powered identity security with adaptive identity framework
SailPoint announced significant advancements to its AI-powered SailPoint Platform, introducing the first in a series of capabilities that advance its adaptive identity vision, an approach designed to address the critical security challenges of IT environments. New features include: Privilege: SailPoint…
Singulr AI’s Agent Pulse delivers enforceable runtime governance and visibility for AI agents
Singulr AI has announced the launch of Agent Pulse, extending its Unified AI Control Plane to autonomous AI agents and model context protocol (MCP) servers. Agent Pulse delivers enforceable runtime governance, contextual discovery, and measurable oversight for the agentic enterprise.…