cybersecurity
Closing the AI governance gap in your enterprise
In this Help Net Security video, Casey Bleeker, CEO at SurePath AI, talks about the AI governance gap that exists in almost every organization. Drawing from three years of …
Over 70% of organizations hit by identity breaches
Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security …
Machine identities outnumber humans 109 to 1
Organizations manage an average of 109 machine identities for every human identity. AI agents account for a growing share of those identities, with companies expecting AI …
Signal responds to phishing attacks with new in-app security warnings
Signal is adding new protections for users following recent phishing and social engineering attacks. In March, the FBI and CISA issued a warning stating that Signal had become …
Microsoft’s agentic security system found four critical Windows RCE flaws
Microsoft responded to growing competition in AI security by announcing that its new agentic security system helped researchers discover 16 new vulnerabilities in the Windows …
Sandyaa: Open-source autonomous security bug hunter
Source code auditing has traditionally relied on static analyzers that flag long lists of potential issues, leaving engineers to sort bugs from noise. A new open-source …
Fedora Hummingbird brings the container security model to a Linux host OS
Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is …
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI …
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source …
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable …
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past …
Review: Foundations of Cybersecurity, 2nd edition
Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to …
Featured news
Resources
Don't miss
- Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
- How to use NIST and ISO frameworks to govern AI agents
- The assembly line behind 1.5 million malicious domains
- AI sovereignty makes data centers strategic targets for cyber operations
- CISA orders federal agencies to “patch smarter”