OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns
OpenAI’s Chronicle is a feature designed to help Codex, an AI-powered coding assistant, better understand what users are working on by capturing context directly from their …
CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)
CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Cisco Catalyst SD-WAN Manager vulnerability (CVE-2026-20133) that Cisco …
A single platform powers SIM farm proxy networks across 17 countries
Racks of phones and 4G modems, connected to carrier networks and rented out as commercial mobile proxy services, are operating across at least 94 locations in 17 countries. An …
NGate NFC malware targets Android users through trojanized payment app
NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the …
Researchers build an encrypted routing layer for private AI inference
Organizations in healthcare, finance, and other sensitive industries want to use large AI models without exposing private data to the cloud servers running those models. A …
Cybersecurity jobs available right now: April 21, 2026
Application Security Engineer (DevSecOps / Azure DevOps) BEWAHARVEST | Philippines | Hybrid – No longer accepting applications As an Application Security Engineer …
Vercel breached via compromised third-party AI tool
Cloud deployment and hosting platform Vercel has suffered a security breach that resulted in attackers accessing some of its internal systems and compromising Vercel …
AI platform ATHR makes voice phishing a one-person job
For $4,000 and a cut of the take, a lone criminal can now run a fully automated voice-phishing operation via ATHR, a plaform that spoofs emails alerts from Google, Microsoft, …
Meta and PortSwigger drive offensive security further to find what others miss
Meta Bug Bounty and PortSwigger have formed a partnership to help security researchers sharpen their skills, collaborate more closely, and improve vulnerability discovery. The …
EU pushes for stronger cloud sovereignty, awards €180 million to four providers
The European Commission is stepping up efforts to strengthen the EU’s digital sovereignty by awarding a cloud services tender worth up to €180 million over six years. The …
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an …
How to spot a North Korean fake in a job interview
North Korean operatives are getting hired at companies by passing job interviews using fake identities and AI tools. In this Help Net Security video, Adrian Cheek, a senior …
Featured news
Resources
Don't miss
- Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)
- Accenture acknowledges security incident following 35GB data theft claim
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
- 20 open-source cybersecurity tools to keep your team ready for anything
- macOS is becoming a proving ground for AI agents