Energy sector orgs targeted with AiTM phishing campaign
Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started …
Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026
Security researchers uncovered 37 previously unknown vulnerabilities on the opening day of Pwn2Own Automotive 2026, earning a combined $516,500 in prize money, according to …
OpenWrt One gains support for running Debian
Debian now runs on the OpenWrt One hardware platform following recent engineering work by Collabora. OpenWrt One is a developer focused router designed to support embedded …
Exposed training apps are showing up in active cloud attacks
Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left …
Unbounded AI use can break your systems
In this Help Net Security video, James Wickett, CEO of DryRun Security, explains cyber risks many teams underestimate as they add AI to products. He focuses on how fast LLM …
The internet’s oldest trust mechanism is still one of its weakest links
Attackers continue to rely on domain names as an entry point into enterprise systems. A CSC domain security study finds that large organizations leave this part of their …
A new framework helps banks sort urgent post-quantum crypto work from the rest
Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out …
macOS Tahoe improves privacy and communication safety
macOS Tahoe privacy and security features focus on screening unwanted contact, limiting tracking, and keeping more decisions on the device. Most updates run quietly in the …
Microsoft updates the security baseline for Microsoft 365 Apps for enterprise
Microsoft has published version 2512 of its security baseline for Microsoft 365 Apps for enterprise. The baseline documents recommended policy settings for Office applications …
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly …
RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)
Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the …
EU tightens cybersecurity rules for tech supply chains
The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure …
Featured news
Resources
Don't miss
- Energy sector orgs targeted with AiTM phishing campaign
- Exposed training apps are showing up in active cloud attacks
- Unbounded AI use can break your systems
- Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
- RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)