cybersecurity
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group …
A year in, Zoom’s CISO reflects on balancing security and business
In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business …
Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time …
Google’s Workspace Intelligence promises privacy while running on your data
Security and data governance are among the key considerations in Google’s latest AI update, which introduces Workspace Intelligence within Google Workspace. Google describes …
Phishing reclaims the top initial access spot, attackers experiment with AI tools
Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial …
PentAGI: Open-source autonomous AI penetration testing system
Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an …
Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook
Financially motivated attacks continued to drive the bulk of cyber incidents against banks, insurers, and payment processors in 2025. Approximately 90% of breaches affecting …
Researchers build an encrypted routing layer for private AI inference
Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models. A …
Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards
Software teams building agentic AI workflows have been pushing frontier models toward longer, unsupervised task runs. Claude Opus 4.7, now generally available from Anthropic, …
Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug
Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy …
OpenAI updates Agents SDK, adds sandbox for safer code execution
OpenAI’s updated Agents SDK helps developers build agents that inspect files, run commands, edit code, and handle tasks within controlled sandbox environments. The update …
EU cybersecurity standards are at risk if supplier ban passes
Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s …