State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, …
Poland’s energy control systems were breached through exposed VPN access
On 29 December 2025, coordinated cyberattacks unfolded across Poland’s critical infrastructure, targeting energy and industrial organizations. The attackers struck numerous …
CISA orders US federal agencies to replace unsupported edge devices
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new binding operational directive aimed at reducing a long-standing cyber risk across federal networks: …
Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited …
Claude Opus 4.6 improves agentic performance and model safety
Claude Opus 4.6 builds on earlier releases with improved coding performance and more consistent behavior in complex tasks. Opus 4.6 finds real vulnerabilities in codebases …
February 2026 Patch Tuesday forecast: Lots of OOB love this month
Valentine’s Day is just around the corner and Microsoft has been giving us a lot of love with a non-stop supply of patches starting with January 2026 Patch Tuesday. The …
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can …
The hidden cost of putting off security decisions
In this Help Net Security video, Hanah Darley, Chief AI Officer, Geordie AI, talks about how putting off security risk decisions creates long-term costs that often stay …
New infosec products of the week: February 6, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Avast, Fingerprint, Gremlin, and Socure. Gremlin launches Disaster Recovery Testing …
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in …
OpenAI Frontier organizes AI agents under one system
OpenAI introduced Frontier, a platform designed to organize AI agents that perform business tasks within internal systems and workflows. The platform connects data from …
Why a decade-old EnCase driver still works as an EDR killer
Attackers are leaning on a new EDR killer malware that can shut down 59 widely used endpoint security products by misusing a kernel driver that once shipped with Guidance …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month