OWASP’s FinBot gives developers hands-on training to secure AI agents.
Category: AI
AI, Data Breaches, Global Security News
Carnival Cruise confirms data breach affecting nearly 6 million people
Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach affecting nearly 6 million people claimed by the ShinyHunters extortion gang in April 2026. […]
AI, Apps, Cybersecurity, Global Security News, Government & Policy
A Fake UK Visa Site Left 100,000 Passports Wide Open
A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British government. It’s a third-party service, apparently operated by a UAE-registered company called Active Leadgen LLC, that charges fees to help people apply…
AI, Compliance, Endpoint, Global Security News
The AI governance imperative you can’t afford to ignore
CIOs rushing to roll out AI agents without real visibility into their decision-making processes are flirting with disaster. According to AI experts, deploying agents without observability processes and tools creates a ticking time bomb with the potential for huge negative consequences. Many companies are deploying AI agents and expecting them to increase productivity with little…
AI, Global Security News, privacy
Stop buying Motorola Android phones
Over the past decade, there’s something I’ve hinted at, mentioned in passing as a part of broader discussions, and told more people than I can count privately via email and other one-on-one conversations. And now, as the writer of the internet’s longest-standing Android column and newsletter — a fancy way of saying someone who is…
AI, Apps, Global Security News
Microsoft’s new cloud PCs place AI agents under enterprise controls
Microsoft’s Windows 365 for Agents, a cloud PC platform for agentic workloads, runs AI agents in secure environments. Organizations can direct agents with natural language to interact with applications, browsers, files, and enterprise systems. The platform is available in public preview. A conceptual computer-using agent architecture. (Source: Microsoft) Users will be able to automate workflows…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the LiteSpeed cPanel Plugin flaw CVE-2026-48172 to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2026-48172 (CVSS score of 10.0) affects the LiteSpeed User-End cPanel plugin before version 2.4.5 and allows…
AI, Global Security News
A single typo could derail your World Cup plans
Cybercriminals are spoofing Fédération Internationale de Football Association (FIFA) websites ahead of the 2026 FIFA World Cup, the FBI warns. The attackers are registering lookalike domains with small spelling changes or different domain endings to impersonate FIFA websites and services. The tactic, known as typosquatting, relies on users making small typing mistakes when entering website…
AI, china, Global Security News, Government & Policy, Russia
Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns
Geopolitical pressure drove much of the state-sponsored cyber activity recorded between October 2025 and March 2026, according to ESET’s latest APT Activity Report. Espionage groups aligned with China, North Korea, Russia, and Iran adjusted their targets to match the economic and security concerns of their governments. Attack sources (Source: ESET) “In Asia, the campaigns primarily…
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
What the industrialization of exploitation means for defenders
For decades, cybersecurity was a battle of skill. Elite attackers versus elite defenders. The rules of engagement were understood, even if the playing field wasn’t level. If you hired better analysts and bought better tools, hopefully you hardened your systems well enough and built detection capabilities that wore out the adversary’s patience. That era is…
AI, Europe, Global Security News
Mistral Chases AI Superintelligence to Counter U.S. Dominance
The French company’s CEO said its—and Europe’s—biggest obstacle to tech independence is the scale of investment necessary.
AI, Global Security News, malware
JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. “These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CI/CD infrastructure,” Wiz researchers Shira Ayal,
AI, Apps, Exploits, Global Security News, malware
19.6 Billion Files Are Sitting Open on the Internet. No Password Required
19.6 Billion files are exposed in misconfigured cloud buckets, including 685K credential files and nearly 1M database dumps. There’s a comfortable myth most people carry around: that the data they hand to companies is locked somewhere safe. Researchers at Mysterium VPN just ran the numbers, and the numbers disagree. Across 535,480 publicly listable cloud storage…
AI, Global Security News, Network Security, privacy
Ketch brings multi-agent AI orchestration to enterprise privacy programs
Ketch has unveiled its vision for agentic privacy with the Ketch Agent Network, a multi-agent orchestration layer for enterprise privacy programs. The platform is designed to continuously reason across legal obligations, internal policies, and operational realities within a unified AI-driven system. Privacy teams today are accountable for more than ever: global regulations, AI governance mandates,…
AI, Apps, Global Security News
Checksum introduces Continuous Quality Agent for automated test generation and healing
Checksum has launched its Continuous Quality Agent, an autonomous system that runs nightly against deployed applications and automatically heals broken tests without waiting for an engineer to open a dashboard or write a prompt. AI coding has changed the constraint in software development. Teams can now ship far more code than before, but every PR…
AI, Data Breaches, Global Security News, Risk Management
XM Cyber enhances identity risk visibility with continuous exposure management capabilities
XM Cyber has announced platform enhancements aimed at helping organizations reduce identity risk, compounded by AI-enabled attackers. According to Gartner, “By 2028, 70% of CISOs will use identity visibility and intelligence capabilities to shrink the IAM attack surface, reducing the risks of credential compromise.” Excessive permissions are a leading technique used in breaches and a…
AI, Global Security News
Police arrest suspect in Ajax football club hack that exposed 300,000 fan records
The Dutch National Police arrested a man suspected of hacking into the computer systems of AFC Ajax, a football club from Amsterdam. “On the morning of Tuesday, May 26, detectives arrested a 35-year-old man from the municipality of Buren for computer intrusion at the Amsterdam football club Ajax. The man is suspected of intentionally and…
AI, Apps, Compliance, Global Security News, Risk Management
Q&A: Box CEO embraces shift to ‘headless’ software in the agentic AI era
The rise of generative AI (genAI) technology has prompted a growing debate about the future of software-as-a-service (SaaS) business models. Some of the fears are overblown: enterprises are unlikely to vibe-code their own applications to replace their SaaS suppliers anytime soon, while software vendors have yet to see per-seat sales fall off due to mass automation…
AI, Cybersecurity, Data Breaches, Global Security News
The CISO selling confidence in a market full of breach headlines
Engineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled the role of the chief information security officer into territory that did not exist two years ago.…
AI, Global Security News
Nudge Security adds browser-based discovery for shadow AI agents
Nudge Security announced that its AI security platform offers discovery of shadow AI agents via the browser, extending its agent discovery capabilities to cover platforms that do not provide a public API for agent identity and inventory. The new browser-based agentic AI discovery closes a fundamental gap, where other solutions depend solely on platform APIs…
AI, Global Security News
Frontier AI models collapse under multi-turn AI attacks, Cisco finds
Attackers who probe large language models rarely give up after one refusal. They reframe, build context across turns, adopt personas, and escalate gradually. New research from Cisco’s AI threat intelligence team finds that the safety benchmarks used across the industry miss almost all of this behavior, and the gap between published scores and observed resilience…
AI, Cybersecurity, Global Security News
Hottest cybersecurity open-source tools of the month: May 2026
Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. Pipelock: Open-source AI agent firewall AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one compromised…
AI, Apps, Cloud Security, Global Security News
Companies built AI into core systems before figuring out how to govern it
70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access to core systems, according to Check Point’s 2026 Cloud Security Report. Confirmed and suspected AI incidents (Source: Check Point) Production AI expands the enterprise attack surface Security architectures built around…
AI, Cybersecurity, Global Security News, malware, Network Security, Risk Management
Employees are unknowingly inviting tech support impersonators into firms, says FBI
Online or telephone IT support scams have been tricking employees into downloading or clicking on malware for years. But according to the FBI, one group that targets US-based law firms has recently found success in person, by convincing firms to allow a supposed IT support person into the building, where they insert a storage device…
AI, Global Security News
$5.7 Trillion and Counting. How Much Further Can the Chip Rally Run?
Surging demand for chip makers has lifted major indexes from their wartime malaise.
AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
Another IT governance headache: AI-enabled sanction evasion
Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…
AI, Cybersecurity, Global Security News, Government & Policy
Smashing Security podcast #469: What your Oura ring won’t tell you
CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a contractor publish dozens of plain-text credentials to a public GitHub profile. Meanwhile, your Oura ring is quietly transmitting some of its data unencrypted – and when one journalist asked the company how often it hands user…
AI, Apps, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
Another IT governance headache: AI-enabled sanction evasion
Over the next three to five years, both governments and the private sector will need to rapidly adapt identification and mitigation protocols as adversaries move from AI-assisted to AI-enabled sanctions evasion and proliferation financing (PF), a new research paper warns. The report, Algorithms of Evasion: The Rise of AI-Enabled Proliferation Financing, from the Royal United…
AI, Apps, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
ShinyHunters Alleges 42M Records Stolen from Charter Communications
Charter Communications confirmed a cybersecurity incident after the ShinyHunters extortion group claimed it stole customer data and threatened to leak the information unless a ransom was paid. The company, which operates under the Spectrum brand, said it is investigating the incident and coordinating with authorities. “The Charter breach is a reminder that the most sophisticated…
AI, Global Security News, Risk Management
AI models more vulnerable than claimed when faced with iterative attacks
CISOs relying on LLM runtime guardrails and official safety scores when making security decisions about their organizations’ AI usage and model selection are due for a wakeup call. According to a new study from Cisco, frontier models from OpenAI, Anthropic, Google, xAI, and Amazon have significantly worse risk profiles when pressured in multi-turn attacks compared…
AI, Global Security News, Government & Policy, Network Security
Romanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion
Romanian hacker Catalin Dragomir (45) got 4 years and 8 months in prison for selling access to an Oregon state network. Romanian hacker Catalin Dragomir (45) will spend 4 years and 8 months in a US prison after admitting he sold access to an Oregon state network. ” A Romanian national was sentenced to 56 months…
AI, Global Security News, Network Security
Xage Security enhances zero-trust platform for AI agents
The updated platform introduces Xage Agent Sentry and Xage Resource Gateway, which aim to secure AI agents and the resources they access at multiple levels, including network interactions, local events, and operating system calls.
AI, Global Security News
Doppel launches AI email security to disrupt phishing campaigns
Doppel Email Security utilizes autonomous agents and its Doppel 360 Threat Graph to investigate threats within the inbox.
AI, Global Security News
FBI warns law firms of in-person data theft by Silent Ransom Group
SRG actors initiate attacks by posing as IT support staff, contacting victims via phone calls or phishing emails to solicit a remote desktop session.
AI, Global Security News
GPU mining malware spreads via SEO poisoning, AI chatbots
Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a coordinated SEO poisoning operation that also manipulated AI chatbot recommendations. […]
AI, Endpoint, Global Security News
Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)
Most Akira write-ups focus on the ransom note or the encryption routine. By the time those show up the interesting forensic work is over. The questions that matter to defenders sit earlier. How did they get in. When did they get domain admin. What did they touch before the binary fired. Those answers live in…
AI, Cybersecurity, Global Security News, Government & Policy
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
OpenAI on Wednesday hailed its plans to safeguard information and aid cybersecurity defenders in the 2026 midterm elections, including work to combat deepfakes and other forms of artificial intelligence misuse. The announcement builds on commitments from major tech companies in 2024, including OpenAI, to protect elections from AI-infused election interference — efforts that some thought…
AI, Apps, Global Security News, Risk Management
ScalePad CEO Chris Day on MSP & SMB AI Adoption in 2026
ScalePad CEO Chris Day says MSPs are facing mounting pressure to support artificial intelligence as SMB clients adopt AI tools faster than many providers can operationalize, creating new urgency around automation, advisory services, and AI governance. Clients are moving faster than providers MSPs are being pulled into artificial intelligence faster than many expected, as small…
AI, Cybersecurity, Global Security News, Risk Management, Russia
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Silent Ransom Group, a long-running data extortion operation, continues to hit U.S.-based law firms by impersonating IT support and, in some cases, visiting victims in person to gain physical access to computers, the FBI said in an alert Tuesday. The closed group, which likely operates from Russia and emerged in 2022 after Conti disbanded, has…
AI, Apps, Endpoint, Europe, Global Security News, Risk Management
Dell Leaders on Local AI Reshaping Enterprise Security
At Dell Technologies World 2026, the tech giant announced major changes to its portfolio and to the role security plays in enhancing it, ensuring partners and customers are well protected as cyber threats evolve. Why partner alignment is crucial to customer success Rob Emsley, Director at Dell Technologies, told Channel Insider that Dell Technologies World…
AI, APAC, Compliance, Global Security News, Network Security
Cogent Data Center Sale Highlights AI Inference Shift
If you’ve been following AI infrastructure at all over the past year, you know that most of the conversation has been centered around training, which, of course, refers to the massive systems used to build these models in the first place. That’s where all the talk of bigger clusters, more GPUs, and more power has…
AI, Global Security News
Can Big Data Predict Market Movements Accurately?
Can Big Data predict markets? Learn how AI, investor behavior, and digital signals shape modern forecasting across stocks and crypto trends.
AI, Global Security News
Laying the groundwork: A practical path to identity security for AI agents
As enterprises move toward AI-driven operations, identity modernization becomes essential.
AI, china, Cybersecurity, Europe, Global Security News, Government & Policy, Politics, Risk Management, Russia
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
Artificial intelligence is an “unstoppable force” that allows tech to be “weaponized just below the threshold of traditional warfare,” including in cyberspace, the head of a U.K. intelligence, security and cybersecurity agency said Wednesday. We live in a world “where the latest frontier AI is rapidly unearthing fault lines in technologies our society relies on…
AI, Apps, Global Security News, malware
AI chatbot recommendations lure users to cryptojacking malware sites
Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark, K-Lite Codec Pack, and PDFgear. Screenshot of search engine results showing a malicious source of…
AI, Cybersecurity, Global Security News, Network Security
Cisco Live 2026 Preview: AI, Security, and Partner Changes
Ahead of its annual North American conference in Las Vegas, Cisco has spent the last few months rolling out a steady stream of AI-focused announcements touching nearly every corner of its business, from networking and cybersecurity to certifications and channel programs. Recent earnings report shows record revenue due to AI infrastructure demand The company’s latest…
AI, Global Security News, malware
Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms
Iran’s Nimbus Manticore hackers used trojanized Zoom installers to deploy malware against US firms during a wider IRGC linked cyber campaign.
AI, Global Security News
A new identity class: Why AI agents require runtime control
Because AI agents are neither human nor traditional machines, they must be treated as a third class of identity.
AI, Europe, Global Security News, malware
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as…
AI, Global Security News
PwC: SAP AI Strategy Shifts Toward Enterprise Execution
SAP’s latest AI announcements at Sapphire are landing as enterprise customers move beyond experimentation and begin demanding measurable returns, stronger governance, and scalable operational outcomes from AI investments. Patrick Pugh, global and U.S. alliances leader at PwC, told Channel Insider that the event reflected a broader shift in the SAP market: enterprises are increasingly embedding…
AI, china, Global Security News
China Wants Its Companies to Embrace AI—Without Firing Workers
As a backlash against AI builds in the U.S. and elsewhere, China is acting to stave off social and economic disruption.
AI, Cybersecurity, Global Security News
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named “mouse5212-super-formatter,” is designed to upload files from “/mnt/user-data,” a dedicated directory used by Anthropic’s Claude artificial intelligence (AI) tool to handle uploads and outputs in the background. The
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
7 Best Vulnerability Scanning Tools & Software in 2026
This guide is for IT leaders, security teams, and vulnerability management professionals looking to strengthen risk detection and remediation efforts in 2026. It covers the best vulnerability scanning tools and the key capabilities organizations should evaluate to improve visibility across networks, endpoints, cloud environments, and web applications. Key points about vulnerability scanning tools in 2026…
AI, Global Security News
Mass database extortion causes significant damage despite low payment rates
The Ransomnews Research Team’s five-year study, spanning from May 2021 to May 2026, analyzed over 65,000 exposed databases, finding that 46.3% contained ransom or wipe notes.
AI, Global Security News
California amendment would exempt Linux from age verification law
The Linux community had raised concerns that the open-source nature of the software, lacking commercial ownership and centralized account infrastructure, would make enforcing such a policy difficult.
AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Global Security News, malware, Network Security, Risk Management
Top 7 Cloud Security Posture Management (CSPM) Tools in 2026
This guide is for IT leaders, cloud security teams, and compliance professionals looking to strengthen cloud security posture and reduce configuration risks in 2026. It covers the top cloud security posture management (CSPM) tools and the key capabilities organizations should evaluate to improve visibility, automate remediation, and enforce compliance across cloud environments. Key Takeaways of…
AI, Global Security News
Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person while posing as IT staff, the FBI warns. The group, also known as Luna Moth, Chatty Spider, and UNC3753, has been active since at least 2022 and has targeted…
AI, APAC, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
A single malformed character in a web request can let an unauthenticated attacker slip past the access controls that guard applications built on Starlette, the open-source Python framework that powers FastAPI, researchers said. The flaw, tracked as CVE-2026-48710 could allow attackers to bypass host-validation protections using malformed Host headers, according to an advisory from cybersecurity…
AI, Cloud Security, Cybersecurity, Exploits, Global Security News
Google AI Threat Defense targets attackers using AI to find flaws faster
Google Cloud introduced AI Threat Defense, an automated cybersecurity platform that combines several of the company’s security assets to find, prioritize, and patch software vulnerabilities at machine speed. The product is aimed at enterprises contending with attackers who use AI to discover and exploit flaws in hours or days, compressing windows that once stretched into…
AI, Data Breaches, Global Security News
Can you enforce strong Active Directory password rules without frustrating users?
Strong Active Directory passwords don’t have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve security without frustrating users. […]
AI, Europe, Global Security News, Network Security, Risk Management
ExtraHop, Ignition Bring Agentic SOC Push to North America
ExtraHop, a modern network detection and response (NDR) provider, has expanded its partnership with Ignition, operating under Exclusive Networks, in North America. Providing the ‘definitive’ intelligence layer for SOCs According to ExtraHop, the expanded partnership with Exclusive Networks will make its NDR platform “more accessible than ever,” giving organizations real-time network traffic insights to strengthen…
AI, Data Breaches, Endpoint, Global Security News, malware
The LA Metro Attack Wasn’t Hacktivism. It Was a State Operation With a Costume On.
Iran’s “hacktivist” group Ababil of Minab, which hit LA Metro and wiped terabytes of data, is forensically linked to Iran’s intelligence service MOIS. In late March, a group calling itself Ababil of Minab posted videos and screenshots online claiming it had broken into the Los Angeles County Metropolitan Transportation Authority, wiped hundreds of terabytes of…
AI, Exploits, Global Security News
Cogent targets exploit-to-remediation gap with new AI-powered security capabilities
Cogent has launched two new platform capabilities designed to reduce the time between vulnerability disclosure and confirmed remediation. Zero Day Response identifies exposure within minutes of public disclosure, without waiting for scanner signatures. Autonomous Remediation determines the right fix, assesses business impact before execution, and confirms that the vulnerability has been resolved. The releases arrive…
AI, Global Security News, malware, Network Security, Russia
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday. The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to…
AI, Global Security News, Network Security
Glassworm botnet disrupted after resilient C2 infrastructure takedown
The Glassworm botnet targeting developers in software supply-chain attacks has been disrupted after researchers took down its resilient command-and-control infrastructure relying on Solana blockchain transactions and the BitTorrent DHT network. […]
AI, Global Security News
Ping Identity advances agentic security with AI governance and trusted access
Ping Identity announced new capabilities that extend the Ping Identity Platform for the agentic enterprise, where AI agents, automation, and developers increasingly shape how access is managed, governed, and secured across organizations. AI agents are changing both sides of the identity equation. They are new actors that need to be discovered, governed, and managed across…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
10 of the Best Patch Management Service Providers in 2026
This guide is for IT leaders, security teams, and system administrators looking to streamline vulnerability remediation and automate software updates in 2026. It covers the best patch management service providers and the key features organizations should evaluate to improve endpoint security, reduce operational overhead, and strengthen overall IT resilience. Key Points on Patch Management Solutions…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
6 Under-the-Radar Vendors That Supercharge Breach and Attack Simulation in 2026
This guide is for IT leaders and security teams looking to validate their defenses against real-world cyberattacks in 2026. It covers the top breach and attack simulation (BAS) solutions and the key capabilities organizations should evaluate to strengthen endpoint, cloud, and network security resilience. Key Takeaways of BAS Solutions in 2026 Breach and attack simulation…
AI, Global Security News
eSentire launches new Atlas AI Operatives for autonomous threat detection and response
eSentire has unveiled new preempt, detect, and respond capabilities within the Atlas Platform, a unified agentic AI platform with purpose-built AI Operatives that work together in a continuous security lifecycle. Controlled autonomy SecOps The Atlas Platform delivers purpose-built and adaptive AI operative infrastructure in a continuous closed loop across autonomous AI offensive security, exposure management,…
AI, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, privacy, Risk Management
6 Best Identity & Access Management (IAM) Software Solutions in 2026
This guide is for IT leaders, security teams, and identity administrators looking to improve access control and secure distributed workforces in 2026. It covers the best identity and access management (IAM) software solutions and the key features organizations should evaluate when choosing the right platform for cloud, SaaS, and remote access security. Key Takeaways of…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
The 6 Best Email Security Software & Solutions in 2026 (Compared and Reviewed)
This guide is for IT leaders, security teams, and business decision-makers looking to strengthen email protection against phishing, malware, and business email compromise attacks. It covers the best email security software solutions in 2026, along with the key features, pricing considerations, and deployment factors to evaluate before choosing a platform. Key Takeaways for Email Security…
AI, Global Security News
Link11 is fully committed to Europe and is opening a Customer Excellence Hub in Lisbon
Frankfurt am Main, Germany, 27th May 2026, CyberNewswire
AI, Global Security News
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.
AI, Global Security News
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. “Since at least early 2025, GlassWorm operators have systematically targeted software developers, a
AI, Europe, Global Security News, Network Security, privacy
Apple’s iPhone satellite ambition goes beyond rescuing hikers
Apple has spent billions of dollars to develop satellite connectivity for iPhone; I very much doubt it did so solely to rescue stranded hikers. The company will most certainly have had a bigger prize in its sights when it first began working with GlobalStar (now owned by Amazon). The most logical reason to invest in satellite…
AI, Global Security News, malware, Network Security, Risk Management, Russia
How cybersecurity firms took down Glassworm botnet in one shot
Glassworm infected developers through poisoned tools and packages until a coordinated takedown killed all four of its C2 channels at once. On May 26, 2026, at 14:00 UTC, CrowdStrike Counter Adversary Operations team, working with Google and the Shadowserver Foundation, killed all four command-and-control channels of the Glassworm botnet at the same time. The timing…
AI, Global Security News
5 Steps to Managing Shadow AI Tools Without Slowing Down Employees
When an employee installs an AI writing assistant, connects a coding copilot to their IDE, or starts summarizing meetings with a new browser tool, they are doing exactly what a productive employee should do: finding faster ways to work. Across most organizations today, employees are running three to five AI tools on any given day.…
AI, Global Security News
Thousands of Fake FIFA Domains Target World Cup Fans
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
AI, Compliance, Cybersecurity, Global Security News, malware, Risk Management
Inside ANY.RUN’s 10-Year Evolution: An Interview with CEO Aleksey Lapshin
What happens when a malware analyst decides to build a product he always wished he had? The case of ANY.RUN tells us that ten years later it may turn into an industry-standard solution, adopted by 74 Fortune 100 companies. Celebrating a decade of ANY.RUN, CEO Aleksey Lapshin shared his perspective on the evolution of the company,…
AI, Cybersecurity, Global Security News
Gitea Vulnerability Exposes Private Container Images without Authentication
Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials. The vulnerability, tracked as CVE-2026-27771 (CVSS score: N/A), affects all versions of Gitea prior to 1.26.2
AI, Cybersecurity, Exploits, Global Security News
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the LiteSpeed cPanel user-end plugin, which is actively being exploited in attacks. […]
AI, Global Security News
Total Android recall: Never lose an important notification again
Google’s shiny new Android 17 update may be on the brink of making its way out into world, but one of the most consequential Android notification upgrades I’ve seen in ages is actually available for anyone, on any device, this instant. It’s one of those things you don’t even realize is missing — and awkwardly…
AI, Global Security News
68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise
UK firms plan higher cyber spending as AI adoption raises security concerns
AI, APAC, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
The NSA, ‘Mythos’ and the quiet emergence of AI cyber doctrine
For most of my career running security operations, the shape of cyber conflict has been defined by who could move faster than the other side. Faster at identifying a vulnerability, faster at patching, faster at detecting, faster at responding. The last few months have made me reevaluate that framing. Speed still matters. It just no…
AI, Cybersecurity, Global Security News, Network Security
DXC, WWT on Dell’s Partner Program & Enterprise AI Growth
At Dell Technologies World 2026, much of the conference focused on partner program enhancements the organization recently made. For partners like DXC and World Wide Technologies (WWT), these enhancements provide even greater opportunities to provide strong customer outcomes. They reinforce what both DXC and WWT already know: Dell’s Partner Program is a major reason their…
AI, Europe, Global Security News, Government & Policy, privacy, Risk Management
Dutch Government just said no to an American firm buying the keys to their digital State
The Dutch government blocked Kyndryl’s €100M bid for Solvinity, citing national security concerns over critical digital infrastructure. Dutch Government told Kyndryl it can’t buy Solvinity. That sentence doesn’t sound dramatic, but what it means is this: a European government just blocked an American IT company from acquiring the firm that runs DigiD, the platform Dutch…
AI, Global Security News
PureLogs Variant Steals Data via Purchase Order Lures
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing
AI, Global Security News
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
Microsoft has warned of an active cryptojacking campaign that makes use of artificial intelligence (AI) chatbot interactions as a mechanism for surfacing malicious download sites. “This emerging delivery technique extends social engineering beyond conventional search results and increases the visibility of malicious software recommendations,” Microsoft Defender Experts and the Microsoft
AI, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
A critical vulnerability, tracked as CVE-2026-45659, in Microsoft SharePoint can allow attackers to achieve remote code execution with little effort. Microsoft released security updates to patch a high-severity SharePoint vulnerability, tracked as CVE-2026-45659 (CVSS score of 8.8), that could allow remote code execution. The flaw does not require complex conditions for exploitation, making it a…
AI, Apps, Global Security News
Jetico expands BestCrypt Data Shelter with zero-trust file access controls
Jetico has announced the extension of BestCrypt Data Shelter to include centrally managed enterprise data access control for sensitive files. The solution allows security teams to define and enforce policies governing which applications, processes and users can access protected files. This default-deny model aligns with zero-trust security principles. “Organizations have made significant progress in encrypting…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Global Security News, Network Security, privacy, Risk Management
DSPM buyer’s guide: Top 10 data security posture management tools
Data security posture management (DSPM) explained Data security posture management (DSPM) tools help security teams examine their entire data environment to find shadow data, reducing the risk of data loss. Tracking down sensitive data across both cloud and on-premises systems can be vexing. Each environment presents its own challenges. Given the dynamic and ephemeral nature…
AI, Funding, Global Security News
The big winner in Elon Musk’s suit against OpenAI and Microsoft — hypocrisy
If ever there were a lawsuit in which a jury and judge should have ruled against both the accuser and the defendants, Elon Musk’s suit against OpenAI and Microsoft was it. The high-profile legal battle pitted the world’s richest man against a company worth more than $3 trillion, another that might soon launch a $1…
AI, Global Security News
The AI tech job slaughter gets real
Tech companies seem to be falling over each other these days in firing people to either replace them with AI or to pay to build AI infrastructure. Wouldn’t it be nice if they at least waited until AI actually worked for business? On the one hand, top tech businesses such as Amazon, Block, Cisco, Cloudflare,…
AI, Apps, Global Security News
AppOmni’s Marlin AI automates SaaS threat analysis, triage, and remediation at scale
AppOmni has launched Marlin AI to transform how enterprise organizations defend complex SaaS applications. Marlin AI delivers autonomous AI-powered SaaS security that leverages AppOmni’s deep SaaS application observability. It actively correlates SaaS security indicators, performs deep investigations, and guides security teams to immediate solutions. By reducing the massive hours wasted on investigating threats, alerts and…
AI, Exploits, Global Security News
Novee’s Agentic Fix turns validated exploits into fixes through AI coding agents
Novee has announced Agentic Fix, an enhancement to its AI penetration testing platform that helps teams move from validating security findings to deploying fixes in a single step. Agentic Fix extends Novee’s platform by generating remediation guidance from the same exploit context used to uncover an issue, then routing that guidance to the AI coding…
AI, Global Security News
Coinflow CISO on crypto payments security under AI pressure
Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered in the United States and operates across multiple jurisdictions. Portelli sat down for this interview…
AI, Endpoint, Global Security News
Vigolium: Open-source vulnerability scanner
Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, launched its initial open-source release this month. The project ships 235+ scanner modules and an in-process agent runtime called olium that handles autonomous endpoint discovery, attack planning, and finding triage. The tool exposes two scanning paths. vigolium scan runs a multi-phase deterministic pipeline…
AI, Global Security News
The alert economy is driving security analyst burnout
In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but meaningless work. Analysts spend their days closing repetitive tickets while the institutional knowledge of senior staff walks out the door when they…
AI, Europe, Global Security News, Risk Management
European AI adoption hits 99% with regulated data driving most policy violations
Generative AI tools operate inside nearly every European workplace, embedded in meeting transcription services, writing assistants, coding copilots, and search features. Workers in the region pull these tools into daily routines that involve customer records, financial information, and proprietary code, and that volume of activity has produced a measurable pattern in where data exposure occurs.…
AI, Endpoint, Global Security News, malware, Network Security, Risk Management
Microsoft previews automatic device isolation in Defender for Endpoint
Microsoft is previewing a new automatic device isolation capability in Defender for Endpoint’s auto attack disruption tool to help security pros contain cyber attacks in progress on their IT networks. The company announced the capability earlier this month in a column about new features in Defender. There’s no word on when automatic device isolation will…