Collaborate Disseminate
One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of corporate PCs. That figure, drawn from Absolute Security’s 2026 Resilienc… Continue reading Your security stack looks fine from the dashboard and that’s the problem
Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, eight tools added to the network repositories, a kernel bump to 6.18, and severa… Continue reading Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18
Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in safety instructions. Prompt injection is also recognized as one of the top ris… Continue reading Microsoft details AI prompt abuse techniques targeting AI assistants
Exploits remain the leading entry point for attackers for the sixth consecutive year, according to Mandiant’s M-Trends 2026 report, which draws on more than 500,000 hours of incident response work conducted in 2025. The data shows attackers speed… Continue reading Attackers are handing off access in 22 seconds, Mandiant finds
Application Security Analyst Alignerr | USA | Remote – View job details As an Application Security Analyst, you will review and analyze application security scenarios across code, APIs, and system behavior. You will classify vulnerabili… Continue reading Cybersecurity jobs available right now: March 24, 2026
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called … Continue reading Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at experienced users and allows sideloading through a controlled, one-time setup. It addr… Continue reading Google slows Android sideloading to trip up scammers
Michael Smith, 54, of Cornelius, North Carolina, has pleaded guilty in federal court to running a scheme that exploited music streaming platforms and diverted royalty payments from artists. He admitted to one count of conspiracy to commit wire fraud, w… Continue reading Fake AI songs streamed billions of times, netting fraudster $10 million
Here’s a look at the most interesting products from the past week, featuring releases from Intel 471, Kore.ai, NinjaOne, Pindrop, Secure Code Warrior, Token Security, and Xona Systems. NinjaOne Vulnerability Management enables real-time detection and a… Continue reading New infosec products of the week: March 20, 2026
Running a large language model on a single machine without cloud access or a container runtime remains a priority for practitioners working in air-gapped or resource-constrained environments. Llamafile, Mozilla-AI’s project for packaging and runn… Continue reading Llamafile, Mozilla’s portable LLM runner, gets GPU support and a rebuilt core