Enterprises that have turned to AI in order to boost their security defenses may have to reconsider their approach. Malware containing code that commands LLM-assisted products to abort their analysis or refuse to implement it is already circulating, according to a post from security company SentinelLabs. SentinelLabs thinks it knows who’s responsible for the malware,…

Read more →

Now in iOS 27 developer beta, the Camera app adds a new Siri mode that provides AI-based assistance for anything within view. Here’s what you need to try it yourself.

Read more →

US authorities are getting decidedly twitchy about frontier AI models. Just a couple of weeks after ordering Anthropic to prevent foreign companies from getting hold of its latest release, Mythos/Fable 5, it’s been putting the squeeze on another AI company.. Now, the Trump administration is asking OpenAI to hold back on the general release of…

Read more →

Instead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills.

Read more →

Chinese tech giant Tencent is set to launch an AI assistant inside WeCom, its Slack-like collaboration tool for enterprises. The new tool, Dayuan, is built on the latest large language models from Chinese AI developer DeepSeek. Tencent announced the news in a post on Chinese messaging platform Weibo by Tencent’s public relations manager Zhang Jun.…

Read more →

I’m a health and wearables editor, and these are some of the top smartwatch, smart ring, and wellness deals I’ve found for the last day of Prime Day.

Read more →

Plus, the new drugs replacing chemo in breast cancer treatment and what the AI agents inside AI giants tell us about the future of work.

Read more →

ICIT: Hidden infrastructure concentration threatens U.S. market resilience.

Read more →

In places like Troy, N.Y., leaders say AI-enabled cameras boost safety. But some locals call it a “dystopian hellscape.”

Read more →

Australia’s Security Intelligence Organization (ASIO) has uncovered an attack on a critical infrastructure operator’s network. State-sponsored actors had compromised the network and were preparing to sabotage it, according to its director general, Mike Burgess. Other countries face similar cyber-threats to critical infrastructure. It’s impossible to exaggerate the danger that the country is facing from cyberattacks…

Read more →

Australia’s Security Intelligence Organization (ASIO) has uncovered an attack on a critical infrastructure operator’s network. State-sponsored actors had compromised the network and were preparing to sabotage it, according to its director general, Mike Burgess. Other countries face similar cyber-threats to critical infrastructure. It’s impossible to exaggerate the danger that the country is facing from cyberattacks…

Read more →

How can AI help managed service providers reduce repetitive work while improving cybersecurity for small businesses? In this Channel Insider interview, Victoria Durgin speaks with Dan Reid, CEO of Framewerx, about the launch of Neuralwerx—an AI-powered platform designed to automate routine MSP tasks, lower security costs for SMBs, and free IT professionals to focus on…

Read more →

The initial public draft of the updated guidelines, titled “IoT Product Cybersecurity Guidelines for the Federal Government: Establishing IoT Product Cybersecurity Requirements,” is available for comment until August 24.

Read more →

After an accident, many people assume the responsible party’s insurance company will just look at the facts, calculate damages, and offer fair compensation. Unfortunately, the…

Read more →

The new regulations aim to protect the Emergency Alert System (EAS) and Wireless Emergency Alerts (WEA) from hijacking attacks.

Read more →

We compared the price histories of the products that ZDNET experts recommend to help you find the best deals while shopping during the final day of Amazon’s Prime Day sale.

Read more →

Major Threats & Vulnerabilities Critical Software and Hardware Exploits The FFmpeg PixelSmash vulnerability was disclosed this week, allowing remote code execution (RCE) through malicious video files. The flaw, found in the MagicYUV decoder, can trigger automatically during thumbnail generation. Users are urged to patch immediately and audit systems for exposure. Apple devices were also affected…

Read more →

Getting accurate visibility into IT and OT systems will be compounded by multivendor environments, misaligned update life cycles, and interoperability gaps.

Read more →

This guide is for penetration testers, digital forensics investigators, security professionals, and IT administrators looking for the best Linux distributions for cybersecurity in 2026. It compares eight leading Linux distros for ethical hacking, penetration testing, incident response, and digital forensics to help you choose the right platform based on your experience level and security objectives.…

Read more →

Apple’s decision to raise prices in response to memory cost increases is not unique to the company. If Apple has to do it, everyone else will as well.  Apple announced stiff price increases Thursday — up to 25% in some cases — that extended across most products, including refurbished Macs and iPads (which saw prices increase up to…

Read more →

Here’s what that shift to AI means for the recruitment process, and how you can ensure your application gets picked from the pack.

Read more →

This guide is for security teams, penetration testers, and IT administrators looking to evaluate the best open-source penetration testing tools in 2026. It compares 23 leading tools across web application security, network scanning, password auditing, exploitation, wireless testing, and other key penetration testing categories to help you choose the right solutions for your environment. Key…

Read more →

A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as

Read more →

It might be taking a bit longer than usual to respond to your submissions — here’s why.

Read more →

I’ve found several great sub-$100 deals still available for Amazon Prime Day. But act fast – because the event ends soon.

Read more →

An email attachment leads to the installation of a malicious Chrome extension. Researchers say it is part of a Windows backdoor delivered via a phishing email. The malware abuses Chrome Native Messaging to move control from the browser into the host system. Its most notable trick isn’t the phishing lure itself, but the way it…

Read more →

A macOS XPC flaw let regular users disable CrowdStrike and Kandji tools, exposing security gaps that vendors patched after XM Cyber reported the security issue.

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is

Read more →

Proof has launched x401, an open, issuer-neutral protocol that lets any website or API ask for and verify the identity behind agents. With x401, a service can ask for the proof it requires: verified identity, age, membership, organizational affiliation, signing authority, proof of humanness, orf another trusted claim. The agent presents a compatible credential and…

Read more →

Smartglasses are a new consumer-tech arms race for the last and best real estate on our bodies. So what are we supposed to do with them?

Read more →

DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt file-backed memory through a cloned network packet and gain root. The patch landed in

Read more →

Open source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology companies, financial institutions, security vendors, AI companies, and open source projects to support the remediation and disclosure of vulnerabilities…

Read more →

Russian authorities used Cellebrite tools to unlock an activist’s iPhone and analyze private data despite canceled support, raising abuse concerns. On May 31, 2021, Russian security services pulled opposition activist Andrey Pivovarov off a flight at St. Petersburg airport and confiscated his iPhone 12 and MacBook. He never consented to a search and never gave…

Read more →

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. “The latest activity includes malicious npm releases affecting LeoPlatform and RStreams packages, GitHub Actions workflow…

Read more →

The top products that outperformed others in our lab testing include brands like Ecovacs, Apple, and more, and they are discounted for Prime Day.

Read more →

For years, Microsoft has hyped Windows 11 cas an OS with AI, and the company is finally putting the building blocks in place for that transformation. Microsoft execs shared examples of how the company is integrating AI in Windows 11 at its Build event earlier this month, highlighting how AI models and agents will make…

Read more →

Don’t wait until a breach forces the company to adapt.

Read more →

Synology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update fixes three flaws: CVE-2026-13136, stemming from faulty authorization checks, may allow remote attackers to read or write arbitrary files and conduct denial-of-service (DoS) attacks CVE-2026-13135, caused by improper restriction of…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-12569 (CVSS score of 9.3)…

Read more →

A China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCT

Read more →

AI is here, and we must help workers adapt: That’s the response of a new non-profit organization to the ongoing debate about whether AI will destroy jobs and cause catastrophe or take the economy to new heights. Launched Thursday, Raise Us is a nonpartisan national organization that says it will partner with state governors, employers,…

Read more →

From an earwax camera to multi-tools, we’ve tested some strange items at ZDNET – and recommend them all.

Read more →

Android Auto can push your phone hard – here’s how I keep temperatures under control.

Read more →

Have you seen “The Founder”? It’s the story of McDonald’s and how Ray Kroc (played by Michael Keaton) transformed the company from a local burger joint to a global landlord. According to the movie, Kroc’s accountant gave him the revelation: “You’re not in the burger business. You’re in the real estate business.” When brothers Richard…

Read more →

US lawmakers on Thursday introduced a bill that would require developers of advanced AI models to report major safety and security incidents to the Commerce Department, establishing a federal oversight framework for high-risk AI systems. The proposed AI Incident Reporting Act would mandate that developers of designated “covered models” disclose incidents within seven days of…

Read more →

Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026 European Cyber Risk Report. Country distribution of ransomware attacks (Source: Black Kite) “Three forces are…

Read more →

As AI adoption accelerates across UK businesses, security and compliance teams are working to align deployments with GDPR requirements and new government cybersecurity guidance.  Regulators and industry bodies warn that widespread use of unapproved AI tools and third-party platforms is creating governance and data security risks that many organizations are only beginning to address. UK…

Read more →

Micron makes clear the shortage will last, but memory customers are developing workarounds.

Read more →

An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attributed the activity to a known threat actor, and the operators’ end goal is still unclear. The lure…

Read more →

Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTML and JavaScript attachment delivered by email, supporting DNS data, and the second-stage phishing page.…

Read more →

As AI and other technologies reshape how business leaders approach investment and deployment strategies, channel partners are adapting to new demands and increasingly complex environments. We asked Derek Hornacek, the director of distribution and channel sales at Panasonic Connect, about how those changes are impacting the ways vendors need to work with their channel partners…

Read more →

Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto the campaign while investigating an attack on a diplomatic organization in Indonesia. What initially looked like an isolated incident revealed a global operation they’ve dubbed StrikeShark, due to the attackers’…

Read more →

For years, enterprise cloud conversations centered on migrating workloads to public cloud platforms. At HPE Discover 2026, however, executives and partners painted a different picture: artificial intelligence is accelerating demand for private and hybrid cloud environments rather than replacing them. “The single most powerful hybrid workload is AI,” Jim O’Dorisio, senior vice president and general…

Read more →

Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding, published June 25 by the Citizen Lab, rests on two things that rarely line up: traces…

Read more →

In this post, I will show you how smart sensors improve modern security systems. Modern security systems need more than cameras and alarms. Businesses now manage risks across entrances, restrooms, storage rooms, shared offices, warehouses, parking areas, schools, healthcare spaces, and public facilities. Smart sensors improve security by detecting conditions that traditional systems may miss.…

Read more →

Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-party vendor allowed attackers to inject malicious code into its website, leading to the theft of funds from an undisclosed number of users. The company said it has contained…

Read more →

The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents

Read more →

Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime group accused of SIM swap attacks, cryptocurrency theft, and money laundering. The operation involved agents from the U.S. Federal Bureau of Investigation (FBI) and Homeland Security Investigations (HSI). The investigation is being supervised by the Regional Prosecutor’s Office…

Read more →

Shares fell—wiping out most of the stock’s gains this year—after Germany’s financial regulator launched an audit of the company’s financial statements

Read more →

ZeroTier has announced the release candidate 2 (RC2) for ZeroTier Quantum, its end-to-end quantum-secure networking platform. This milestone marks the final testing phase, positioning the platform one step away from general availability (GA). ZeroTier Quantum addresses the looming threat quantum computing poses to traditional encryption by meeting the NIST and NSA’s highest CNSA 2.0 standards,…

Read more →

ThreatModeler has announced the general availability of ThreatModeler Nexus, an agentic threat modeling platform that brings governed, architecture-aware security to the way modern software is actually built. As AI writes a growing share of production code, the question is no longer whether to threat model, but where and when. ThreatModeler Nexus answers that with a…

Read more →

The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy. Describing the Windows backdoor as continually developed by the hacking group, Google Threat Intelligence Group…

Read more →

Across Australia, boards are signing off AI strategies with urgency. Productivity has stalled, costs are rising and labour is tight. AI should be a way to get more from…

Read more →

Microsoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027. “Windows 10 support has ended. You can enroll in ESU any time until the program ends on October 12, 2027. If you’re already enrolled, your coverage will automatically continue through that…

Read more →

Reliable business technology begins with physical systems that suit the site, the workload, and the people using them each day. Leaders across Australia can buy similar…

Read more →

Submitting a suspicious file to VirusTotal or MalwareBazaar places a copy of that file on a platform other people can search. Analysts across the industry rely on these services to get a quick verdict on whether a binary is dangerous. The convenience carries a condition many overlook. Once a sample reaches a public repository, the…

Read more →

SuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps into one offering for MSPs. In this Help Net Security Q&A, SuperOps CEO Arvind Parthiban and Guardz CEO Dor Eisner explain how a connected stack cuts the time and context lost to tool-switching, lowers costs against multi-vendor setups, and helps close the gap between…

Read more →

Healthcare practices run on a chain of outside vendors. An EMR system holds clinical records, a billing platform processes claims, a telehealth tool supports remote visits, and a cloud provider stores data. Every one of those connections gives an outside company a path into the practice, and any one of them can break. That is…

Read more →