Collaborate Disseminate
ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture … Continue reading This spy tool has been quietly stealing data for years
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses multiple AI agen… Continue reading Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are these AI tools and rout… Continue reading March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines how phishing now uses HTTPS, branded pages, and lookalike domains, making at… Continue reading Why phishing still works today
AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lea… Continue reading Engineering trust: A security blueprint for autonomous AI agents
AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, access, and security workflows that don’t scale. This webinar aims to reframe the… Continue reading Webinar: The True State of Security 2026
Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vu… Continue reading The vulnerability that turns your AI agent against you
Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are passed. Then a breach happens, often through an account that was “properly secu… Continue reading Why workforce identity is still a vulnerability, and what to do about it
Secure by Design is not a single tool, product, or one‑time activity. It is a holistic approach that requires security to be deliberately embedded from the very beginning, at the point where systems, software, and services are conceived and designed. R… Continue reading Secure by Design: Building security in at the beginning
Keepnet, the AI-powered Extended Human Risk Management (xHRM) platform, today announced the launch of its AI-Driven Email Incident Response Agents — autonomous AI agents that analyze, decide, act, and continuously learn to contain employee-reported ema… Continue reading Keepnet launches AI incident response agents that redefine post-delivery email threat containment