To counter cookie theft, Chrome ships device-bound session credentials
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled …
Little Snitch for Linux shows what your apps are connecting to
Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were …
Apiiro CLI turns AI coding assistants into full-stack security engineers
The Apiiro CLI brings the Apiiro platform to your terminal and to your AI coding assistants, giving them six native security capabilities: scanning, risk management, …
April 2026 Patch Tuesday forecast: Spring-cleaning of a preview
I just blinked and the first quarter of the year is GONE. Where does the time go? I looked back at my article from last month where I touched on the use of AI and some of the …
What vibe hunting gets right about AI threat hunting, and where it breaks down
In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts …
Health insurance lead sites sell personal data within seconds of form submission
Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by …
Product showcase: Session, a messenger without phone numbers or metadata
Instant messaging has been around for decades, but it became widely adopted with the emergence of smartphones. Earlier, communication was limited to basic text messages. …
New infosec products of the week: April 10, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Advenica, Intruder, Mallory, and Secureframe. Mallory brings contextual threat …
Claude Managed Agents bring execution and control to AI agent workflows
Anthropic’s Claude Managed Agents are a suite of composable APIs for building and deploying cloud-hosted agents at scale, handling sandboxed code execution, …
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) …
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code …
Mallory brings contextual threat intelligence to security operations
Mallory is launching an AI-native threat intelligence platform, purpose-built to answer the questions CISOs and their teams are asking every day: What are the real threat …
Featured news
Resources
Don't miss
- Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
- TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
- Communicating cyber risk in dollars boards understand
- CVE Lite CLI: Open-source dependency vulnerability scanner