TLS Connect gives SMBs a right-sized automated tool to manage TLS certificates
GMO GlobalSign today launched TLS Connect, a Certificate Lifecycle Management (CLM) tool designed specifically for SMBs. TLS Connect automates public trust TLS certificate …
Aptori expands its platform with autonomous offensive testing to reduce security bottlenecks
Aptori has expanded its Runtime-Driven Validation Platform with autonomous offensive testing capabilities to address the growing gap between code output and security team …
Your IAM was built for humans, AI agents don’t care
Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to …
The AI criminal mastermind is already hiring on gig platforms
Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model …
25 open-source cybersecurity tools that don’t care about your budget
Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in …
Product showcase: LuLu reveals unauthorized outbound connections from Mac apps
LuLu is a free, open-source firewall for macOS that lets you control which apps are allowed to send data from your computer. macOS includes a built-in firewall, but it mainly …
Week in review: Claude Mythos finds 271 Firefox flaws, Vercel breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines …
Users advised to drop passwords and make room for passkeys
In a decisive move that could reshape how users log in online, the National Cyber Security Centre (NCSC) is urging consumers to abandon passwords in favour of passkeys, …
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves …
Compromised everyday devices power Chinese cyber espionage operations
China-linked threat actors have shifted from individually procured infrastructure to large-scale covert networks, botnets built from compromised routers and other edge …
New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security …
Meta is overhauling how you sign in, manage settings, and protect your accounts
Meta Account gives users of Meta apps and devices a simpler way to access and manage their accounts. Accounts Center will automatically be updated to a Meta Account as part of …
Featured news
Resources
Don't miss
- Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
- TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
- Communicating cyber risk in dollars boards understand
- CVE Lite CLI: Open-source dependency vulnerability scanner