Help Net Security

A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligence team and Mandiant. The attackers deployed stealthy backdoors (BRICKSTORM and GRIMBOLT), a webshell (SLAYSTYLE) and maintained long-term access inside targeted networks. “Beyond the Dell appliance exploitation, Mandiant observed the actor employing novel tactics to pivot into VMware virtual infrastructure, including the creation … More →

The post China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769) appeared first on Help Net Security.

Brinqa has advanced its platform with the introduction of two new AI agents, the AI Attribution Agent and the AI Deduplication Agent, designed to address two of the most persistent and costly problems in enterprise security, unclear asset ownership and duplicate exposure signals. The key business problem of enterprise organizations around exposure management is not a lack of tools or information, it’s that they can’t make fast, defensible decisions when tools disagree, environments change, and … More →

The post Brinqa targets manual bottlenecks in exposure management with integrated AI agents appeared first on Help Net Security.

Microsoft has begun rolling out Edge 145 to the Stable release channel, adding several enterprise-focused security enhancements. The update is being deployed in phases, with some features available through preview and targeted release programs. Edge 145 brings expanded data protection capabilities to Edge for Business. The browser supports cross-tenant enforcement of Intune App Protection Policies through Intune Mobile Application Management. Organizations can apply data loss prevention controls to Edge work profiles even on devices managed … More →

The post Microsoft Edge 145 lands with major enterprise security upgrades appeared first on Help Net Security.

Securonix announced Sam, the AI SOC Analyst, and the Securonix Agentic Mesh, introducing a new operating model for security operations that scales analyst productivity, governs AI in production, and delivers board-ready outcomes. At a time when security operations are overwhelmed by alert volume, analyst shortages, and rising SIEM costs, Securonix is shifting the conversation from AI features and consumption metrics to measurable work delivered. With Sam and Agentic Mesh, security leaders can now quantify how … More →

The post Securonix shifts security operations to measurable AI-driven productivity appeared first on Help Net Security.

For years, ransomware encryption functioned as the industry’s alarm bell. When systems locked up, defenders knew an attack had occurred. Not anymore. New empirical data show that attackers are actively dismantling that signal. According to Picus Security’s Red Report 2026, adversaries are no longer optimizing for disruption; they’re optimizing for residency. Based on a thorough analysis of more than 1.1 million malicious files and 15.5 million adversarial actions from 2025, this year’s report documents a … More →

The post The era of the Digital Parasite: Why stealth has replaced ransomware appeared first on Help Net Security.

Cloud Range has introduced its AI Validation Range, a secure, contained virtual cyber range that enables organizations to test, train, and validate AI models, applications, and autonomous agents without risking exposure of sensitive production data. AI adoption is accelerating faster than most organizations can meaningfully validate its security. Security teams are asked to integrate and defend AI systems that they didn’t design and can’t safely evaluate in production. With AI Validation Range, organizations can verify … More →

The post Cloud Range launches AI Validation Range to safely test and secure AI before deployment appeared first on Help Net Security.

Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking Atlassian Jira Cloud addresses. Organizations already using Jira were specifically targeted: the attackers selected domains known to have active Jira instances, which means recipients would be used to receiving Jira notifications. The subject lines contained promises of gifts and … More →

The post Scammers exploit trust in Atlassian Jira to target organizations appeared first on Help Net Security.

Notepad++, the popular text and source code editor for Windows whose update mechanism was hijacked last year,

The post Notepad++ secures update channel in wake of supply chain compromise appeared first on Help Net Security.

Attackers often gain access through routine workflows like email logins, browser sessions, and SaaS integrations. A single stolen credential can give them a quick path to move across systems when access permissions are broad and visibility is fragmented. That pattern appears across more than 750 incident response engagements covered in Unit 42’s Global Incident Response Report 2026. In 87% of cases, attacker activity crossed multiple attack surfaces, meaning investigators had to trace behavior across endpoints, … More →

The post One stolen credential is all it takes to compromise everything appeared first on Help Net Security.

Qodo has unveiled an intelligent Rules System for AI governance that replaces static, manually maintained rule files with a governance layer that automatically generates rules from real code patterns and past review decisions, continuously maintains rule health, enforces them in every code review, and measures their real-world impact. As AI accelerates software development, governance has become a growing risk for the modern enterprise. Coding standards exist as hard-to-enforce instructions and siloed rule files that degrade … More →

The post Qodo unveils AI-driven governance system for code quality control appeared first on Help Net Security.

Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category of technology. Open source has become a default building block in many environments, and the operational risks now look like standard enterprise security problems: patch delays, version sprawl, and aging platforms that stay online longer than planned. TuxCare’s 2026 Open Source Landscape Report describes an open source footprint that continues … More →

The post Everyone uses open source, but patching still moves too slowly appeared first on Help Net Security.

In this Help Net Security video, Dieter Van Putte, CTO at Landmark Global, discusses how cybersecurity has become a core part of global supply chain operations. He explains that logistics is now also about data moving between carriers, customs authorities, warehouses, brokers, and customers. That constant flow increases risk and expands the attack surface. Van Putten outlines key security priorities, including encrypted data transfers, secure APIs, strict access control, and data minimization. He stresses that … More →

The post Cybersecurity in cross-border logistics operations appeared first on Help Net Security.

AI agent frameworks are being used to automate work that involves tools, files, and external services. That type of automation creates security questions around what an agent can access, what it can change, and how teams can detect risky behavior. SecureClaw is an open-source project that adds security auditing and rule-based controls to OpenClaw agent environments. The tool is published by Adversa AI and is designed to work with OpenClaw and related agents such as … More →

The post SecureClaw: Dual stack open-source security plugin and skill for OpenClaw appeared first on Help Net Security.

Can cloud-based password managers that claim “zero-knowledge encryption” keep users’ passwords safe even if their encrypted-vault servers are compromised? Researchers at ETH Zurich and Università della Svizzera italiana set out to answer that question, and the answer is (unfortunately) no. Attack paths against encrypted vaults Cloud-based password managers store users’s passwords in a password vault, which is created and encrypted by the user’s client software by using a cryptographic key derived from the user’s master … More →

The post Design weaknesses in major password managers enable vault attacks, researchers say appeared first on Help Net Security.

Palo Alto Networks has entered into a definitive agreement to acquire Koi, giving enterprises the power to finally see and protect the AI-native ecosystem that defines modern work. The new imperative: Agentic endpoint security Traditional security was built to stop malicious files, but AI agents and tools can actively read, write, and move data. Attackers are chaining exploits in agent frameworks — from authentication bypass to API-based remote code execution — while spoofing agent identities … More →

The post Palo Alto Networks intends to acquire Koi, advancing agentic endpoint security appeared first on Help Net Security.

Booz Allen Hamilton has entered into a definitive agreement to acquire Defy Security as a wholly owned subsidiary. The acquisition will expand delivery of end-to-end, tech-enabled cybersecurity solutions for U.S. and international enterprises across financial services, healthcare and life sciences, manufacturing, technology, energy, retail, and other sectors. Defy Security’s customer base, sales expertise, and vendor relationships will complement Booz Allen’s industry knowledge and tradecraft across commercial and federal markets. The combination will expand its ability … More →

The post Booz Allen to acquire Defy Security, expanding global cyber reach appeared first on Help Net Security.

ManageEngine has added new causal intelligence and autonomous AI capabilities in Site24x7, its full-stack observability platform. These enhancements transform how enterprises handle outages, shifting from firefighting to autonomous resilience. By reducing mean time to recovery (MTTR) and ensuring service-level agreement (SLA) compliance, Site24x7 helps IT teams safeguard the customer experience and retain trust. IT environments are increasingly fragmented across hybrid clouds, microservices, and dynamic networks, generating massive volumes of telemetry and predictive anomaly signals every … More →

The post ManageEngine adds causal and autonomous AI to Site24x7 to cut MTTR appeared first on Help Net Security.

Malwarebytes has expanded the availability of its scam detection tool Scam Guard to desktop for both Windows and Mac. The free scam protection tool provides real-time feedback on scams, threats and malware alongside digital safety recommendations. Scams have become a global crisis, draining $442 billion from consumers over the past year, according to GASA’s Global State of Scams 2025 report. Even though more than half of adults encounter scams daily, two-thirds of people can’t tell … More →

The post Malwarebytes brings Scam Guard to desktop with real-time scam protection appeared first on Help Net Security.

Ready to get certified but not sure where to start? Get insider tips and tricks on what to do from day one to test day. Join ISC2-certified instructors and an audience of your peers for this live interactive webinar on February 20, 2026 at 7:00 PM CET. Find out what to do in the months, weeks, days and hours leading up to your exam. Attend webinar: Power up your exam prep!

The post ISC2 webinar: Power up your exam prep! appeared first on Help Net Security.

In many industrial environments, internet-facing gateways, remote access appliances, and boundary systems sit close enough to production networks that attackers can move from IT intrusion to operational disruption with limited resistance. Dragos’ 2026 OT/ICS Year in Review describes a threat landscape where adversaries are spending more time learning how physical processes work and less time treating OT access as a passive foothold. A shift in 2025 involved multiple state-aligned groups moving into control-loop mapping. That … More →

The post OT teams are losing the time advantage against industrial threat actors appeared first on Help Net Security.