Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the …
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and …
Samsung just made Galaxy phones more secure in One UI 9 beta
Samsung’s One UI 9 beta integrates Lockdown mode into the power menu. This is the screen that contains Power off, Restart, and emergency options. Opening it initiates …
OpenAI is locking down parts of ChatGPT to reduce data theft risks
OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is …
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the …
When attacks spread too far: Lessons from real cyber attack case studies
In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei …
Google Colab CLI opens runtimes to Claude Code and Codex
Google released the Google Colab Command-Line Interface, a tool that connects local terminals to remote Colab runtimes. The CLI provides an execution platform for developers …
Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup
Fans looking for tickets, accommodation and match broadcasts are already encountering scams tied to the 2026 FIFA World Cup. The 2026 FIFA World Cup will bring millions of …
GitHub Copilot app launches as desktop home for AI coding agents
GitHub introduced the Copilot app, a desktop application built for working with AI coding agents, at Microsoft Build 2026. The release expands GitHub’s Copilot product …
52% of direct-to-IP threats are missing from intelligence feeds
Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where …
Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: OWASP Agent Memory Guard: Stop AI agents from being weaponized through their …
Attackers obtained encrypted password vaults from some Dashlane user accounts
Dashlane has disclosed new details about a brute-force attack that let a threat actor access some customer accounts and copy encrypted vaults. Dashlane said it found no …
Featured news
Resources
Don't miss
- China-linked spies backdoored authentication stack to stay hidden for years
- AI vulnerability discovery is pushing 2026 CVEs toward 66,000
- PhishLumos: Exposing phishing campaigns that evade detection by hiding content
- Onspring CISO on where automated GRC systems fall short
- Open-source CI/CD abuse detector guards against stolen credential attacks