Michele Spagnuolo, the Google engineer accused of using company data to bet on Polymarket, had a long list of enviable accomplishments
Tag: long
AI, Exploits, Global Security News, Risk Management
Cisco refines its risk-based vulnerability disclosure for the AI era
Security teams already struggle with long lists of vulnerabilities and limited time to patch them. Cisco believes AI could increase that pressure by accelerating vulnerability discovery and increasing the number of findings security teams need to review. The company said it is moving further toward a risk-based disclosure approach, placing greater attention on issues under…
AI, Global Security News
Weekly Update 505
Well, that didn’t last long! Recording this on Saturday morning my time, I observed ShinyHunters having gone quiet since the massive haul that would have been the Instructure ransom. It was two weeks almost to the hour since I’d first heard rumour of payment being made, and I posited that groups like this often go…
AI, Compliance, Cybersecurity, Global Security News, Network Security, privacy, Risk Management
Data Sanitization Challenges Are Increasing in the AI Era
Data sanitization has long played an important role in protecting sensitive information, but growing data volumes and stricter compliance requirements are making secure end-of-life data management more critical than ever. The 2026 State of Data Sanitization Report by Blancco highlights growing concerns among organizations regarding data privacy, regulatory pressure, and end-of-life device management. The report…
china, Global Security News
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
“Showboat” doesn’t show off, but clearly it doesn’t need to, as it’s long helped China spy on small market communications providers.
AI, Global Security News
CVE Lite CLI: Open-source dependency vulnerability scanner
Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration runs, and a security scanner returns a list of CVE identifiers that developers then have to triage hours or days after writing the code. CVE Lite CLI, now an officially recognized…
Global Security News
Fuel Tank Breaches Expand Scope of Iran’s Cyber Offensive
Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.
AI, Compliance, Cybersecurity, Global Security News, malware, privacy, Risk Management
ANY.RUN Turns 10: Special Offers for Stronger Security Operations
Ten years in cybersecurity is a long journey. Threats have changed, attacks have become harder to spot, and security teams now need answers faster than ever. ANY.RUN has grown with those teams. What started as an interactive sandbox is now a trusted company with threat analysis and intelligence solution used by 15,000+ organizations, 600,000 security professionals, and teams at Fortune…
Exploits, Global Security News
Sandyaa: Open-source autonomous security bug hunter
Source code auditing has traditionally relied on static analyzers that flag long lists of potential issues, leaving engineers to sort bugs from noise. A new open-source project from offensive-security firm SecureLayer7 takes a different route, using LLMs to read a codebase, trace how data moves through it, and produce working exploit code for the vulnerabilities…
AI, Exploits, Global Security News
Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
AI, Endpoint, Global Security News
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a Rust-based endpoint agent, is an attempt to collapse that work into a single codebase.…
AI, Exploits, Global Security News
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available.
AI, Global Security News
PentAGI: Open-source autonomous AI penetration testing system
Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an open-source project from VXControl, attempts to automate that entire workflow using a multi-agent AI system that plans, researches, and executes penetration tests with minimal human direction. How the agent system works PentAGI…
AI, Apps, Global Security News, Risk Management
What the EU AI Act requires for AI agent logging
The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps are. Your agent is probably high-risk The Act doesn’t mention “AI agents” by name. What matters is…
AI, Exploits, Global Security News
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional defenders prioritized access to AI tools built for that purpose. The company is scaling its Trusted Access for Cyber (TAC) program to thousands of verified individual…
AI, Global Security News, Network Security, privacy
Little Snitch for Linux shows what your apps are connecting to
Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were designed for server security rather than desktop privacy. Objective Development, the Austrian company behind the macOS firewall utility Little Snitch, released a Linux version of the tool.…
AI, Compliance, Global Security News
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of compliance platforms have moved to automate parts of that process, and Comp AI is now doing it with an open-source codebase that organizations can inspect, modify, and self-host.…
AI, Apps, Global Security News
Microsoft adds high-volume email sending to Exchange Online
Organizations that rely on Exchange Online for internal communications have long needed a way to send large volumes of automated messages, such as payroll notifications, IT alerts, and security advisories, without running into the sending limits designed for person-to-person email. Microsoft has addressed that with the general availability of High Volume Email (HVE) in Exchange…
Global Security News
Beyond ticketing: How Robin by Atera is automating the IT lifecycle
GUEST OPINION: IT operations have long been shaped by ticketing systems that organise work into queues, prioritise issues, and track resolution times. While effective for structure, this model is inherently reactive and depends on the problems being reported before action can begin.
AI, Cybersecurity, Global Security News
Why I’m done calling humans the weakest link
Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners are very bad at communicating to people. A primary example is the phrase “humans are…
AI, Global Security News
ShipSec Studio brings open-source workflow orchestration to security operations
Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that arrangement with a dedicated orchestration layer built specifically for security operations. What the platform does…
Global Security News
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups.
Global Security News
Silicon Valley’s New Obsession: Watching Bots Do Their Grunt Work
Techies compare notes on how long their fleet of virtual interns can labor away without making a mistake.
Global Security News
High voltage tech: Meet AC/DC – Australia’s answer to FAANG and WITCH
Australia’s tech sector has long punched above its weight, but until now, it’s lacked a unifying shorthand. Silicon Valley has FAANG. The Indian global services giants have WITCH. Australia? Well, we’ve had vibes – but that changes today. Say hello to AC/DC, a new distinctly Australian acronym for our most influential, globally relevant tech powerhouses.…
AI, Compliance, Data Breaches, Global Security News
Storage vendor offers a real guarantee — but check out those fine-print exceptions
For as long as most junior coders have been alive, tech vendors have talked up performance guarantees even though they neglect to detail just what happens if they don’t deliver as promised. I have been begging vendors to knock off these deceptions for a long time — a very long time. Last week, I briefly…
AI, Global Security News
Why AI Is Becoming Central to Predictive Maintenance Strategies
GUEST OPINION: Predictive maintenance has long been sold as a silver bullet for asset-intensive organisations. By anticipating failures before they occur, the theory goes, businesses can reduce downtime, extend asset life and significantly lower maintenance costs.
AI, Apps, Endpoint, Global Security News, Government & Policy, Network Security, Risk Management
PQC roadmap remains hazy as vendors race for early advantage
Post-quantum cryptography (PQC) has long sat on the periphery of enterprise security, with experts calling it inevitable but not urgent. That posture is beginning to shift. Earlier this year, Palo Alto Networks published a blog announcing a new “quantum-safe security” initiative, framing it as a way for enterprises to assess where quantum-vulnerable cryptography exists across…
AI, Global Security News
mquire: Open-source Linux memory forensics tool
Linux memory forensics has long depended on debug symbols tied to specific kernel versions. These symbols are not installed on production systems by default, and sourcing them from external repositories creates a recurring problem: repositories go stale, kernel builds diverge, and analysts working incident response often find no published symbols for the exact kernel they…
AI, APAC, Apps, Global Security News
Cheap enterprise PCs? Not anytime soon — analysts
Historic price hikes for PCs are likely to linger for a long time, prompting many enterprises to put hardware upgrades on hold, analysts said. PC prices — for both enterprise and consumer buyers — are expected to jump by about 17% this year, Gartner analyst Ranjit Atwal told Computerworld. And the era of the $500…
AI, APAC, Apps, Cloud Security, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Why application security must start at the load balancer
For a long time, I thought of the load balancer as a performance device. Its job was to distribute traffic, improve uptime, and make applications feel fast. Security was something that happened elsewhere, on firewalls, inside WAFs or deep in the application code. That perspective changed early in my consulting career. I worked with a…
AI, Global Security News
Fraudsters integrate ChatGPT into global scam campaigns
AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI’s Disrupting Malicious Uses of Our Models report details how ChatGPT and related API access were used in romance scams, fake legal services, coordinated influence campaigns, and a state linked harassment effort. Six tweets whose…
Global Security News
Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
AI, Global Security News
AI is becoming part of everyday criminal workflows
Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined conversations captured between January 1, 2025 and July 31, 2025 across dozens of cybercrime forums to map how AI tools are entering day to day criminal operations. The dataset includes 163 discussion threads…
Global Security News
The Active Adversary Report: Safety in numbers
What a long, strange trip it’s been Categories: Security Operations Tags: Active Adversary
Global Security News
The Hong Kong Investor Putting American Money Into China’s AI Push
Neil Shen has long bridged both countries, from working at Sequoia after Yale to his own firm
AI, Cybersecurity, Global Security News
Open-source AI Pentesting Tools are Getting Uncomfortably Good
AI has come a long way in the pentesting world. We are now seeing open-source tools that can genuinely mimic how a human tester works, not just fire off scans. I dug into three of them, BugTrace-AI, Shannon, and CAI, the Cybersecurity AI framework, and put them up against real-world targets in a lab environment.…
Global Security News
Naming and shaming: How ransomware groups tighten the screws on victims
When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle
AI, ANYRUN, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Malware Analysis, malware behavior, Risk Management
Emerging Ransomware BQTLock & GREENBLOOD Disrupt Businesses in Minutes
How long would it take your team to realize ransomware is already running? The newly identified ransomware families are already causing real business disruption. These threats can disrupt operations fast while also reducing visibility through stealth or cleanup activity, shrinking the time teams have to detect and contain the attack. Here’s what you should know about BQTLock and GREENBLOOD, and how your team can detect and contain them before…
AI, CISO, Cybersecurity, Don't miss, features, Global Security News, Hot stuff, News, Risk Management
United Airlines CISO on building resilience when disruption is inevitable
Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising…
AI, CISO, Cybersecurity, Don't miss, features, Global Security News, Hot stuff, News, Risk Management
United Airlines CISO on building resilience when disruption is inevitable
Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains how the company approaches modernization without compromising…