Commvault, a data protection and cyber resilience organization, has made recommendations to help organizations stay resilient in the age of frontier AI. Frontier models create new security risks while helping address them As frontier models, hosted in the cloud, excel at identifying vulnerabilities at speed and compressing exploitation timelines, they also present exploitable threats to…
Category: Network Security
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Russia
AI tools becoming hot commodities on ransomware marketplaces
Sales of AI-based tools is accelerating within underground ransomware marketplaces, lowering the barrier to entry for new actors in the process. An analysis of Telegram channels, 20 dark web forums, and five underground markets by anti-ransomware platform vendor Halcyon found that AI utility posts grew to 1,486 in February 2026, up from just 38 in…
AI, Cybersecurity, Europe, Global Security News, Network Security
Photos: Infosecurity Europe 2026
Infosecurity Europe 2026 is a cybersecurity event that took place from June 2 to 4 in London. Help Net Security was on-site and here’s a closer look at the conference. The featured vendors are: Microsoft, JupiterOne, Menlo Security, Cato Networks, Falkin, Vivida, Pen Test Partners, Netskope, Qualys, Syteca, runZero, Vanta, OneTrust, Panaseer, Airia. The post…
AI, Europe, Global Security News, Network Security
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. “Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer…
AI, Global Security News, Network Security, Risk Management
New infosec products of the week: June 5, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Asimily, depthfirst, Diligent, Hyland, MazeBolt, and Noma. Asimily turns device risk into automated network policy Asimily has launched Segmentation Orchestration, enabling connected-device risk intelligence to flow directly into enforceable network policy without manual translation. No other platform combines full asset…
AI, Global Security News, Network Security
Microsoft makes Linux developers feel more at home in Windows with Coreutils release
Microsoft has announced Coreutils, a new Windows 11 feature that allows developers to run many popular Linux command line utilities natively on Windows from a single binary. Revealed at this week’s Build 2026 developer conference in Seattle, Coreutils is about reducing what Microsoft terms the “cognitive load” faced by developers when moving between Windows and…
AI, Cybersecurity, Exploits, Global Security News, Network Security, privacy
Deepfakes, AI Scams, and the Future of Social Media Safety
The rapid advancement of generative artificial intelligence (AI) has intensified challenges related to deepfakes, impersonation scams, and manipulated content across social media platforms. As synthetic media becomes easier to create and harder to detect, companies are being forced to adopt more sophisticated trust and safety strategies. In an email interview with eSecurityPlanet, Alexandra Ryabova, COO…
AI, Global Security News, Network Security
Video: What Partners Need to Know About Cisco Cloud Control
Cisco has launched Cisco Cloud Control, a new platform designed to manage networking, security, observability, compute, and collaboration from a single interface. But the bigger story is Cisco’s vision for AgenticOps—an operating model where AI agents help investigate issues, correlate data, recommend actions, and eventually automate IT operations. In this video, we break down what…
AI, Apps, Compliance, Global Security News, Network Security
Gain visibility into DDoS attacks with flow logs in AWS Shield Advanced
Reconstructing distributed denial of service (DDoS) attack traffic used to mean combining data from multiple sources after the fact. AWS Shield Advanced attack flow logs change that—they capture traffic metadata during attacks so you can pinpoint sources, verify mitigations, and feed your existing analysis pipelines. Shield publishes logs to Amazon Simple Storage Service (Amazon S3),…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security
Your AI agent could become your biggest insider threat
Government agencies, cybersecurity companies and threat researchers are pouring resources into studying how fast-developing AI tools can be wielded by malicious actors to hack into victim organizations. But as agentic AI becomes more embedded in business infrastructure, there’s also a high possibility that a breach could be caused by an insider guiding the tool, whether…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247 (CVSS ver 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2026-45247 flaw is a…
Exploits, Global Security News, Network Security
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC…
AI, APAC, Endpoint, Exploits, Global Security News, Network Security
HTTP/2’s speed abused to slow webserver performance in DoS attack
Security researchers are warning of an issue with the default HTTP/2 configuration used by major web servers which reportedly survived more than a decade of human review before showing up in Codex-assisted analysis. A flaw in the handling of the HTTP/2 protocol made a denial-of-service (DoS) attack possible on web servers including nginx, Apache HTTP…
AI, APAC, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Inside the race to adapt to an AI-powered security world
Troy West was in Warsaw when his dinner was interrupted by his phone. But he was happy about it. West, associate director of cybersecurity for autonomous offensive security company XBOW, had just learned that a trial version of the company’s platform had found a vulnerability that led to a full takedown of a development environment…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Introducing the Wallarm AI Control Platform: One closed loop for AI security and API security.
TL;DR- AI deployment has outpaced AI governance. Most enterprises running AI on AWS cannot answer four basic security questions about what’s running, what it’s doing,how to stop it, and how to prove it’s under control.- The Wallarm AI Control Platform closes this gap: one platform for Discover, Observe,Enforce, and Govern — running natively in your…
AI, Exploits, Global Security News, Network Security, Risk Management
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side…
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Barracuda Finds Malicious Microsoft 365 Logins Are Blending In
Organizations that rely heavily on failed login attempts to detect account compromise may be missing a growing threat. According to recent data from Barracuda, attackers are increasingly using legitimate credentials and trusted-looking infrastructure to successfully access Microsoft 365 environments while blending into normal user activity. “Attackers know many security teams are looking for the obvious…
AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security, privacy, Risk Management
Why Local AI Agents Are Creating a New Governance Blind Spot
Artificial intelligence (AI) governance efforts have largely focused on cloud-based tools such as ChatGPT, Microsoft Copilot, and other software-as-a-service (SaaS) platforms. According to Josh McCarthy, Chief Product Officer at Arms Cyber, organizations may be overlooking a much larger risk: autonomous AI agents running locally on employee endpoints. As AI capabilities increasingly move from cloud environments…
AI, Apps, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs
A high severity vulnerability in Hugging Face Transformers enables attackers to compromise systems that use the popular Python library to test and run AI models. The flaw impacts library versions that continue to be actively downloaded and comes at a time when attackers are increasingly targeting the AI supply chain, including through malicious models hosted…
AI, Cybersecurity, Global Security News, Network Security
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed JSCoreRunner (aka FileRipple) in late August 2025. The cybercrime group behind the…
AI, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen…
AI, Global Security News, Network Security
Hyland Announces New Partner Program
Hyland, a provider of enterprise content management (ECM) solutions, is launching the Hyland Global Partner Network. This partner program is a reimagined program designed to help partners confidently build the next generation of the agentic enterprise, underpinned by Hyland’s content intelligence, industry-specific AI, and enterprise-grade governance. Why Hyland is unifying its partner base under new…
AI, Cybersecurity, Global Security News, Network Security
ChannelCon 2026 Agenda Centers on Practical Strategies for ITSPs
The Global Technology Industry Association (GTIA) has announced the agenda for ChannelCon 2026, with programming focused on AI, cybersecurity, sales, leadership, workforce transformation, and partner ecosystem growth. The event, themed “The Channel Effect,” will take place Aug. 3-5 at the Marriott Marquis San Diego Marina. Registration is open and free for GTIA members. GTIA said…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down. An international law enforcement operation, codenamed Operation KRATOS and involving 13 countries (Belgium, Bulgaria, Croatia, France, Greece, Ireland, Italy, the Netherlands, Poland, Romania, Spain, the UK, and the US), spent seven months quietly dismantling the…
AI, Global Security News, Network Security
Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites
Trend Micro Mobile Security for iOS protects devices from potentially harmful websites while browsing, blocks ads and personal information trackers, helps users avoid unsafe Wi-Fi networks, and monitors data usage. The app is available for both iOS and Android devices. Getting Started After installing the app from the App Store, I created an account to…
AI, Global Security News, Network Security
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
Cloud computing has reached a crossroads. The high cost and data sensitivity of AI workloads are raising the appeal of private clouds, even as neoclouds and sovereign clouds shake up the cloud provider landscape. New cyberthreats, shifting compute requirements, and management complexity are adding to cloud complications. Download the June 2026 issue of the Enterprise…
AI, Cybersecurity, Global Security News, Network Security
Smashing Security podcast #470: This AI security flaw might be impossible to fix
A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels. They weren’t. And when a journalist tried to warn the company, it was lawyers who responded. Meanwhile, a paper from Cornell suggests that prompt injection – the…
AI, Europe, Global Security News, Network Security
European authorities crack down on illegal streaming networks
Authorities in Europe arrested 29 alleged cybercriminals and took down more than 27,000 illegal streaming URLs that pirated major sporting events, films and TV programming, Europol said Wednesday. The continent-wide collaboration, led by Bulgaria and the European Union’s police agency, allowed authorities to dismantle nine organized crime groups supporting the illicit streaming networks, officials said.…
AI, Global Security News, Network Security
Anthropic Gives Claude Partners New Hub, Services Tiers
Anthropic announced two major additions to its Claude Partner Network on Wednesday: a tiered Services Track and a new Claude Partner Hub, both designed to help enterprises identify qualified partners to deploy and manage Claude-powered AI systems. The move builds on the Claude Partner Network, launched in March, which Anthropic backed with a $100 million…
AI, Cybersecurity, Funding, Global Security News, Government & Policy, Network Security
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
Department of Homeland Security Secretary Markwayne Mullin told Congress Wednesday that the Cybersecurity and Infrastructure Security Agency would ideally have 2,800 personnel, up from approximately 2,200 now and down from 3,400 before the second Trump administration began. President Donald Trump has pushed to dramatically reduce personnel numbers at the agency, something that has drawn criticism…
AI, Endpoint, Global Security News, Network Security
Cyber espionage campaign targeted stock exchange executive’s Outlook account
Attackers spent five months silently stealing emails from a stock exchange executive’s Outlook account in a suspected espionage operation. A threat actor quietly sat inside a senior executive’s Outlook account at a major global stock exchange for roughly 150 days, from October 2025 to March 2026. Broadcom’s Symantec and Carbon Black threat-hunting team investigated the…
AI, Compliance, Global Security News, Network Security, Risk Management
SEON Launches AI Fraud Tools with New MCP Server
Fraud prevention startup SEON has launched its new MCP server, along with two new platform capabilities, Network Detection and AI Chart Builder, further connecting its existing automation and business intelligence features. Alongside these features, the company has introduced an AI Playbook for Risk and Compliance Teams, providing customers with a practical starting point to quickly…
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cloud Security Alliance Report Highlights Growing Patch Gap Risks
Despite years of investment in vulnerability scanning and shift-left security practices, known vulnerabilities continue to drive production security incidents, according to the Cloud Security Alliance’s 2026 State of Modern Application & AI Security Report. As AI accelerates both vulnerability discovery and exploit development, organizations are facing increasing pressure to reduce exposure windows before attackers can…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Trump Signs Executive Order Creating Voluntary AI Security Review Framework
President Trump has introduced a new executive order aimed at strengthening oversight of advanced AI models without imposing new regulations on tech companies. The order establishes a voluntary framework that allows developers of powerful AI models to share systems with the federal government for security reviews before public release. “The United States continues to lead…
AI, Exploits, Global Security News, Network Security
Autonomous AI-driven worm can reason its way through corporate networks
Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters, reasons about how to attack it, and creates a strategy on the fly, all with the…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Data Breaches, Exploits, Global Security News, Network Security
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and “patch everything in time” stopped working years ago. Stop betting the org on winning that race. You don’t control which bug lands. You control what it can reach once it does. That is a question about the shape of your…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2022-0492 (CVSS score of 7.0) Linux Kernel Improper Authentication…
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates
Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’s May updates help teams act on security risks more efficiently, improve consistency across investigations, and maintain stronger protection as attacker tactics continue to evolve. Discover the updates your team can…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, Global Security News, Network Security
Enterprise Spotlight: Rethinking cloud strategy in the age of AI
Cloud computing has reached a crossroads. The high cost and data sensitivity of AI workloads are raising the appeal of private clouds, even as neoclouds and sovereign clouds shake up the cloud provider landscape. New cyberthreats, shifting compute requirements, and management complexity are adding to cloud complications. Download the June 2026 issue of the Enterprise…
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold
Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in an enterprise setting. It’s a critical unauthenticated stack-based buffer overflow that can give a remote…
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Anthropic grants Project Glasswing access to 150 more companies, with a focus on critical infrastructure
Anthropic on Tuesday announced that it was adding 150 more companies to its Project Glasswing AI-based vulnerability hunting initiative, with a particular focus on critical infrastructure companies including those involved in “power, water, healthcare, communications and hardware.” Analysts and security vendors agreed that the move is a positive step, noting that the more companies involved…
AI, Endpoint, Exploits, Global Security News, Network Security
HP Poly VoIP vulnerability sets the stage for executive voice deepfakes
HP has released patches for a critical buffer overflow vulnerability in multiple IP-enabled conference phones from its Poly Voice line. The flaw allows unauthenticated attackers to obtain root privileges on the underlying operating system, potentially enabling them to execute other attacks such as eavesdropping on conversations and recording voice data for AI-enabled impersonation attacks. The…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Identify unused AWS KMS keys and prevent accidental key deletions
As you scale your use of Amazon Web Services (AWS), managing KMS keys becomes increasingly important. Whether you manage a handful of keys or thousands across multiple AWS accounts and AWS Regions, there’s often a need to audit key usage to help you meet compliance requirements, evaluate your risk posture, and optimize key management costs.…
AI, china, Cybersecurity, Funding, Global Security News, Government & Policy, Network Security, Risk Management
Trump revives parts of canceled AI order with cybersecurity-focused directive
US President Donald Trump signed an executive order aimed at strengthening cybersecurity defenses and establishing a voluntary framework for cooperation between the federal government and developers of advanced artificial intelligence models, reviving portions of a broader AI initiative that he abruptly shelved less than two weeks ago. The order, “Promoting Advanced Artificial Intelligence Innovation and…
Cybersecurity, Exploits, Global Security News, Network Security
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers. It was
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Organizations using Claude Code GitHub Actions should review their CI/CD environments after a researcher found vulnerabilities that could expose repositories to compromise and supply chain attacks. The flaws, which have since been patched, allowed attackers to bypass permission controls and inject untrusted input into trusted workflows. These vulnerabilities allow “… an attacker [to] bypass its…
AI, APAC, china, Global Security News, Government & Policy, Network Security, Politics, Russia
The Pentagon Is Running an AI Propaganda Mill Targeting Latin America
The United States is feeding Pentagon propaganda to internet users in Latin American countries using a new AI-laden content mill, an investigation by The Intercept has found. La Tilde quietly began development early this year and appears to still be a work in progress, pitching itself as a modern media brand for Latin American audiences…
AI, Apps, Compliance, Endpoint, Global Security News, Network Security
Secure multi-tenant AI agents with Amazon Bedrock AgentCore resource-based policies
Software as a service (SaaS) providers building AI-powered applications on Amazon Bedrock AgentCore often need to serve multiple tenants with distinct security requirements from a shared infrastructure. Some tenants require cross-account access from their own Amazon Web Services (AWS) accounts, while others mandate that traffic stay within a private virtual private cloud (VPC) for regulatory…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Google Patches Android Zero-Day Under Active Exploitation
Google has patched a high-severity Android zero-day vulnerability that attackers have already exploited in the wild. The issue affects multiple Android releases and serves as a reminder that mobile operating systems remain a valuable target for threat actors seeking access to sensitive enterprise and personal data. “There are indications that CVE-2025-48595 may be under limited,…
AI, Global Security News, Network Security
HPE Earnings, Shares Surge on AI and Networking Demand
HPE shares surged after the company reported stronger-than-expected fiscal second-quarter results, powered by booming demand for artificial intelligence infrastructure, networking equipment, and servers. HPE beats Q2 expectations The company reported revenue of $10.7 billion for the quarter ended April 30, a 40% increase from a year earlier and well ahead of Wall Street expectations. Adjusted…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic…
AI, Apps, Cloud Security, Cybersecurity, Endpoint, Global Security News, Network Security, Risk Management, Venture
Four questions to answer if a security product will survive in the AI-first world
AI is changing the world faster than anyone could have predicted. This isn’t because it is taking over jobs (this would be too simplistic), but because it is slowly taking over a growing number of tasks that used to be done by humans. Security is not in any way immune to these changes, and I…
AI, APAC, Cloud Security, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Anthropic expanding access to Project Glasswing
Anthropic is broadening access to its Project Glasswing program, adding approximately 150 organizations in 15 countries, the company announced Tuesday, as its restricted Claude Mythos Preview model has already surfaced more than 10,000 high- or critical-severity software vulnerabilities since the program launched in early April. The expansion follows an initial cohort of roughly 50 partners…
AI, Global Security News, Network Security
Quantum Resilience Needs a Common Language. Here’s Where to Start.
Navigate the transition to quantum-safe security with Cisco’s Quantum Resilience Framework. We provide a clear path to protecting your network and data against future quantum threats through standardized, multi-layer resilience and clear roadmaps.
AI, Exploits, Global Security News, Network Security
Security at Cisco Live: Going Shields Up for the Agentic Era
In the post-Mythos era, AI makes exploits faster than ever. Cisco builds security right into your network and infrastructure, helping your organization stay resilient even when threats move faster than human response.
AI, Apps, Endpoint, Global Security News, Network Security, Risk Management
Cisco Debuts Cloud Control for Agentic IT Operations
Cisco today unveiled Cisco Cloud Control, a new unified platform built for humans and AI agents to manage, monitor, and defend critical IT infrastructure. This platform is fully extensible, with more than 40 ecosystem tooling connectors, and fully customizable, enabling the creation of custom applications and agents using natural language directly within the platform. Cisco…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Attackers exploit Palo Alto GlobalProtect flaw days after disclosure
A Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks is being actively exploited in the wild, weeks after the company disclosed the flaw as a medium-severity issue and said it was unaware of any attacks. However, according to Rapid7, threat actors began exploiting the bug within days of…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security
From Fake Purchase Orders to Remote Access: Analyzing the JS.MonoGlyphRAT Threat to US Enterprises
A previously unidentified cyberattack is quietly spreading through US businesses — and most security tools are not catching it. Researchers at ANY.RUN have identified a new backdoor called JS.MonoGlyphRAT, an advanced piece of malware delivered as an ordinary-looking JavaScript file disguised as a purchase order, quote, or business proposal. Once an employee opens the file,…
AI, Global Security News, Network Security
Microsoft Entra pushes passkeys, tightens identity security
Microsoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero trust security strategy, over the last 30 days. Features reaching general availability Identity and authentication updates Phishing-resistant MFA is now available on Linux desktops through the Microsoft identity broker. The…
AI, APAC, Compliance, Cybersecurity, Europe, Global Security News, Network Security, Risk Management
ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short
ENISA NIS360 2026 shows cybersecurity improving across EU critical sectors, but health, water, rail, and space remain in the risk zone. ENISA has published its third annual NIS360 report, assessing the cybersecurity maturity and criticality of all sectors covered by the NIS2 directive. The headline finding is that things are improving across the board. The…
AI, Apps, Global Security News, malware, Network Security
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Researchers and threat hunters are scrambling to respond to an actively exploited authentication-bypass vulnerability affecting Palo Alto Networks customers’ firewalls. The company initially tagged CVE-2026-0257 with a medium-severity rating when it disclosed the defect May 13, but quickly reassessed it as critical after Rapid7 observed and confirmed active exploitation in the wild. The Cybersecurity and…
AI, Apps, Data Breaches, Endpoint, Global Security News, malware, Network Security, Risk Management
Fake Claude Code Installers Deliver Credential-Stealing Malware
Developers searching for Claude Code installation instructions could be walking into a sophisticated malware campaign that disguises itself as legitimate AI tooling documentation. Researchers found dozens of fake Claude Code and developer platform sites designed to steal credentials, API keys, and cryptocurrency. “The attack chain runs on the same unchecked trust that makes AI developer…
AI, Apps, Funding, Global Security News, Network Security
Anthropic Moves Toward IPO as OpenAI Competition Heats Up
Anthropic has confidentially filed paperwork with the U.S. Securities and Exchange Commission (SEC) for an initial public offering (IPO), becoming the latest artificial intelligence giant to move toward the public markets and potentially beating rival OpenAI to a public debut. The Claude developer submitted a draft registration statement to the SEC on June 1, a…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’
Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to address urgent vulnerabilities that can’t wait for the company’s quarterly patching. The initial batch addresses 35 flaws, including several for which exploit code is publicly available. In total, there are 11 flaws rated ‘critical’, 18 rated…
AI, Global Security News, Network Security
NetQuest expands NetworkLens to detect threats hidden in network management traffic
NetQuest announced an expansion of its NetworkLens enriched dataset portfolio. The new network telemetry datasets deliver detailed traffic characteristics of network management transactions, giving security teams the granular, AI-ready intelligence needed to detect threats hidden within the protocols used to manage critical network infrastructure. The effectiveness of AI-driven threat detection tools — including agentic security…
AI, Global Security News, Network Security, Risk Management
Cops Are Spying on People Who Criticize AI Data Centers Online
Americans speaking out against artificial intelligence data centers on social media are falling under police surveillance, a confidential law enforcement bulletin obtained by The Intercept reveals. A fusion center in Philadelphia combed through spicy internet comments from AI critics and concluded there is a growing risk of physical violence against data centers from “domestic violent…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
CVE-2026-41089, a critical Windows Netlogon RCE flaw that allows remote code execution, is now actively exploited in the wild, the Centre for Cybersecurity Belgium (CCB) warned on Friday. About CVE-2026-41089 CVE-2026-41089 is a stack-based buffer overflow vulnerability in Windows Netlogon, the service and protocol that handles authentication and security within a Windows domain environment. The…
AI, Europe, Global Security News, Network Security, Russia
Ransomware Operators Keep Business Hours. The Data Proves It
16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over two years and asked the question most threat intelligence reports dance around: when does this actually happen? The answer is mundane and useful. Ransomware runs on…
AI, Europe, Global Security News, Network Security, Russia
Ransomware Operators Keep Business Hours. The Data Proves It
16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over two years and asked the question most threat intelligence reports dance around: when does this actually happen? The answer is mundane and useful. Ransomware runs on…
AI, Global Security News, Network Security
PathSolutions brings on-premises AI troubleshooting to NetOps teams
PathSolutions has announced the launch of TotalView AI, a new capability within its TotalView platform that provides AI-driven troubleshooting for NetOps teams using network data analyzed on-premises. As enterprise networks become more distributed and complex, NetOps teams face increasing pressure to resolve issues quickly, often without the benefit of deep domain expertise. At the same…
AI, Exploits, Global Security News, Network Security
Cato cuts vulnerability protection time to 45 minutes with agentic threat research
Cato Networks announced a new capability that reduces time-to-protect for newly disclosed vulnerabilities to 45 minutes. The company attributes this reduction to the use of agentic threat research designed to accelerate protection against emerging exploits. Traditional appliance-based security depends on a slow customer-operated patching cycle: vendors develop protections, customers receive updates, teams test them, and…
AI, Global Security News, Network Security
Webinar tomorrow: From alert to resolution in network incident response
Network incidents are often detected quickly, but investigations and coordination can delay resolution. Join our webinar tomorrow to learn how automation and AI-assisted workflows can help IT teams accelerate incident response. […]
AI, Compliance, Europe, Global Security News, Network Security, Risk Management
IBM unveils tool to track sovereignty risks for cloud workloads
IBM has launched a tool designed to help customers assess cloud-sovereignty risks and meet regulatory compliance requirements. The Sovereignty Risk Profile launch comes as digital sovereignty becomes a higher priority for organizations concerned about where data is stored and processed. According to an IBM survey, 93% of executives believe sovereignty needs to be part of…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Windows 11 Smart App Control explained
In the ever-evolving cybersecurity landscape, Microsoft has introduced various new features in Windows 11 designed to protect users from modern workplace threats. Among such features, Smart App Control (SAC) changes how Windows devices handle, and occasionally block, unwanted or potentially malicious applications. But what exactly is Smart App Control? How does it work, who benefits…
Global Security News, Network Security
Dragos acquires Phosphorus to secure extended operational technology
Dragos has acquired Phosphorus, extending the Dragos Platform to protect billions of connected devices embedded across critical infrastructure and other operational networks. Operational environments have outgrown traditional OT boundaries. Power grids, pipelines, manufacturing facilities, and data centers now depend on an increasingly diverse mix of connected devices and digital systems. Traditional and non-traditional assets alike…
AI, Exploits, Global Security News, Network Security, Risk Management
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because of how it was discovered. Asim Manizada, a security engineer at SpaceX, didn’t find it by auditing source code the old-fashioned way. He built an AI-powered…
Exploits, Global Security News, Network Security
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)
Authentication bypass vulnerabilities (CVE-2026-0257) in Palo Alto Networks’ firewalls that the company disclosed on May 13 have been targeted in “limited exploit attempts”. “Across multiple customers, Rapid7 observed successful exploitation via authentication probes using forged cookies, but the appliance accepted the cookie without a full VPN session being established in 8 out of 10 impacted…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May…
Exploits, Global Security News, Network Security
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
A vulnerability in Palo Alto Networks’ PAN-OS software is being exploited in attacks
AI, Data Breaches, Global Security News, Government & Policy, Network Security, privacy, Risk Management
1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever
Today, I loaded the 1,000th data breach into Have I Been Pwned. Reflecting on that milestone number, I pondered how to mark the occasion in writing, and what immediately came to mind was a very simple question: why is it still needed? Especially considering the emergence of privacy regulations such as GDPR and CCPA in…
AI, Exploits, Global Security News, Network Security, Risk Management
Asimily turns device risk into automated network policy
Asimily has launched Segmentation Orchestration, enabling connected-device risk intelligence to flow directly into enforceable network policy without manual translation. No other platform combines full asset visibility, vulnerability prioritization, and segmentation orchestration in a single system. “AI has exploded the volume and sophistication of network attacks against connected devices, and security teams are discovering that visibility…
AI, Apps, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management
The Pentagon Finally Admits That Location Data Is a Battlefield Problem
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence analysts have been warning about the same thing: smartphone location data isn’t just an advertising product. It’s surveillance infrastructure that anyone with enough money can access.…
AI, Global Security News, malware, Network Security
Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)
Introduction This diary provides indicators from an unidentified RAT infection on Wednesday 2026-05-27 that was followed by a malicious NetSupport Manager RAT package. This originated from the SmartApeSG ClickFix campaign. I still don’t know the name of the initial RAT, but it has consistently been generating encoded (not HTTPS/SSL/TLS) traffic to a command and control…
AI, Cybersecurity, Exploits, Global Security News, Network Security
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers
CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments. The flaw impacts the GlobalProtect portal and gateway components of Palo Alto Networks PAN-OS…
AI, Europe, Exploits, Global Security News, malware, Network Security
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 99
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages and Hundreds of Versions Across npm, PyPI, and Crates.io RemotePE: The Lazarus RAT that lives…
AI, Cybersecurity, Data Breaches, Europe, Exploits, Global Security News, Government & Policy, malware, Network Security, Politics, privacy, Risk Management, Russia
Security Affairs newsletter Round 579 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers Signal Phishing Campaign Targets Journalists and…
Global Security News, Network Security
Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices
Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. More than 200 servers located in…
AI, Europe, Global Security News, Network Security
SoftBank to Plow $52 Billion Into French Data Centers
SoftBank is promising to spend at least $52 billion on building a network of massive data centers in France, helping advance Europe’s goal of tech independence with what would be the continent’s largest AI infrastructure project.
Data Breaches, Exploits, Global Security News, Network Security
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. […]
AI, Data Breaches, Europe, Global Security News, Network Security
ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Botnet of 17 Million Devices Dismantled in the Netherlands
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Botnet of 17 Million Devices Dismantled in the Netherlands
Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following…
