Hackers are knocking on office doors pretending to be IT staff
The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person …
Google AI Threat Defense targets attackers using AI to find flaws faster
Google Cloud introduced AI Threat Defense, an automated cybersecurity platform that combines several of the company’s security assets to find, prioritize, and patch …
Claude now reviews and fixes vulnerabilities as you write code
Anthropic introduced a security-guidance plugin for Claude Code that reviews code changes for common vulnerabilities and helps Claude identify and fix issues during the same …
Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware
Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton …
Apple makes its quantum-resistant encryption open source
Apple has published its post-quantum cryptography implementations in corecrypto, together with mathematical proofs and verification tools for independent expert evaluation, …
Coinflow CISO on crypto payments security under AI pressure
Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, …
Vigolium: Open-source vulnerability scanner
Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, launched its initial open-source release this month. The project …
The alert economy is driving security analyst burnout
In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but …
European AI adoption hits 99% with regulated data driving most policy violations
Generative AI tools operate inside nearly every European workplace, embedded in meeting transcription services, writing assistants, coding copilots, and search features. …
Anthropic: Claude Mythos identified 10,000+ software flaws
Anthropic and its Project Glasswing partners have identified more than 10,000 high- or critical-severity vulnerabilities in critical software systems, the company announced in …
Chinese phishing gangs grow into a force to be reckoned with
Chinese-language phishing-as-a-service (PhaaS) communities are expanding in an area historically dominated by Russian-speaking cybercriminal groups. The Google Threat …
Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)
A relative directory path traversal vulnerability (CVE-2026-34926) in Trend Micro’s Apex One platform has been exploited in zero-day attacks, the company confirmed. …
Featured news
Resources
Don't miss
- Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)
- Record Microsoft Patch Tuesday, fresh zero-day
- Every set of AI guardrails can be broken by the right prompt
- The security in smartphones is helping send them to landfills
- Product showcase: Staying ahead of the threat horizon with Aunoo