What Happens when AI Teams Compete Against Human Hackers
The NeuroGrid competition, hosted on Hack The Box, pitted 120 AI‑augmented teams against 958 human‑only teams across 36 security challenges. AI‑augmented participants completed 73% of challenges, far outpacing the 46% completion rate of human‑only teams. The advantage was strongest on medium‑difficulty tasks and in structured domains such as Secure Coding, while elite human teams still outperformed AI on the hardest problems. Speed differentials favored AI at the elite tier, making AI a potent speed multiplier for top performers.
Codenotary Trust Delivers Autonomous AI Security for Linux and Kubernetes
Codenotary unveiled Codenotary Trust, a SaaS platform that leverages artificial intelligence to detect, prioritize, and autonomously remediate security, configuration, and performance issues across Linux, containers, VMs, and applications. The solution is built for junior and mid‑level administrators, addressing the talent gap...
Push Security Adds Malicious Browser Extension Detection to Block Threats in Employee Browsers
Push Security has introduced a malicious browser‑extension detection and blocking feature within its browser‑based security platform. The capability leverages a continuously updated intelligence database to automatically block known‑bad extensions and provide real‑time visibility into all extensions across employee browsers. Administrators...
Digital.ai Expands Post-Build Protection for Android and iOS Applications
Digital.ai unveiled Quick Protect Agent v2, an LLM‑enhanced solution that adds AI‑powered post‑build hardening for Android and iOS apps. The tool automatically applies code‑aware obfuscation and other security controls after the build, requiring no source changes and integrating with Digital.ai...
Tufin’s AI-Powered Tools Simplify Network Security Operations
Tufin unveiled a suite of AI‑powered tools, including four new assistants and an Executive Dashboard, built on its TufinAI engine. The assistants automate rule searches, device discovery, compliance exception analysis, and access‑request handling via natural‑language prompts. Integrated with Tufin’s Unified...
Webinar: The True State of Security 2026
Storyblok’s "True State of Security 2026" webinar brings together its VP of Engineering, Information Security Manager, and content marketer to challenge the prevailing AI‑centric security narrative. The presenters argue that AI, while a genuine risk, has become a costly distraction,...
Over 1,200 IceWarp Servers Still Vulnerable to Unauthenticated RCE Flaw (CVE-2025-14500)
A critical unauthenticated remote code execution flaw (CVE-2025-14500) affects IceWarp's business communication platform, allowing attackers to execute OS commands as root or SYSTEM. The vulnerability, rooted in improper handling of the X‑File‑Operation header, was disclosed in September 2025 and patched...
Njordium Vendor Management System Eliminates Duplicate Third-Party Assessments
Njordium Cyber Group unveiled its Vendor Management System (VMS), a platform that consolidates third‑party risk assessments to satisfy Europe’s overlapping regulations in a single run. The solution claims to replace up to five parallel assessments with one, automatically generating outputs...
ArmorCode AI Exposure Management Identifies, Governs, and Reduces Shadow AI Risk
ArmorCode introduced AI Exposure Management (AIEM) on its Agentic AI Platform, expanding its unified exposure management suite. AIEM continuously ingests AI usage signals from security tools, creating a centralized inventory and assigning ownership to mitigate shadow AI. The solution offers...
Arkose Device ID Uses AI to Recognize Devices Across Changing Fingerprints
Arkose Labs unveiled the latest version of Arkose Device ID within its Arkose Titan platform, adding AI‑driven similarity analysis to traditional exact‑match identification. The enhancement allows persistent device recognition even as fingerprints evolve, reducing fraud from identity‑fragmentation attacks while keeping...
Josys Centralizes Identity Data to Replace Manual IT Oversight with Automated Governance
Josys has evolved into an autonomous identity governance platform that centralizes identity data from any source into a single AI‑driven system. The solution automates access reviews, lifecycle updates, and over‑permissioned user remediation, eliminating manual IT oversight. Its AI Integration Builder...
Secure by Design: Building Security in at the Beginning
Secure by Design is a holistic methodology that embeds security from the earliest stages of system and software conception, shifting protection from a reactive afterthought to a proactive design principle. CIS and SAFECode collaborate to provide measurable guidance, translating standards...
NetQuest Launches NetworkLens for Hyperscale AI Threat Detection
NetQuest unveiled NetworkLens, a portfolio of hyperscale, real‑time network intelligence datasets designed for AI‑driven cyber threat detection. The datasets are continuously generated by the NetQuest Streaming Network Sensor, which captures wire‑speed traffic and transforms it into structured records covering application...
PureLiFi Unveils LiFi Architecture to Extend Gigabit Capacity Indoors
pureLiFi introduced a high‑bandwidth LiFi architecture capable of 10 Gbps indoor data rates, targeting the fixed wireless access (FWA) market. The company unveiled the Bridge XC Flex, a plug‑and‑play bridge that delivers gigabit broadband through windows without drilling, and announced partnerships with 5G...
BlacksmithAI: Open-Source AI-Powered Penetration Testing Framework
BlacksmithAI is an open‑source penetration testing framework that orchestrates multiple AI agents to handle each phase of a security assessment, from reconnaissance to post‑exploitation. The system uses a lightweight shared mini‑Kali container, FastAPI, and pre‑configured Docker images to keep resource...
When Cyber Threats Start Thinking for Themselves
Autonomous AI agents are reshaping cyber threats, allowing attacks to operate without human direction. Jason Rivera of SimSpace explains that these agents can sustain phishing campaigns, discover network paths automatically, and modify malware behavior on the fly. The shift forces...
Android 17 Second Beta Expands Privacy Controls for Contacts, SMS and Local Networks
Google’s Android 17 second beta adds system‑level privacy tools, including a Contacts Picker that grants apps access only to user‑selected contacts and an EyeDropper API that reads screen colors without screen‑capture permission. A new ACCESS_LOCAL_NETWORK runtime permission controls LAN device...
Illumio Insights Brings Agentless Visibility and Breach Containment to Hybrid Environments
Illumio announced Illumio Insights, an agent‑less solution that ingests real‑time telemetry from Check Point and Fortinet firewalls to create live traffic maps across data‑center and cloud environments. The platform converts existing firewall data into visibility without installing software agents, extending...
Oculeus 2FN Authenticates Calls in Real Time to Stop CLI Spoofing
Oculeus has launched its Two Factor Network (2FN) solution, giving telcos a real‑time framework to authenticate caller identity and stop CLI spoofing. The system creates a parallel verification path with digital signatures that peer‑to‑peer carriers exchange during call setup. Industry...
AWS Security Hub Extended Brings Enterprise Security Under One Roof
AWS Security Hub Extended introduces a bundled plan that lets enterprises procure, deploy, and manage a full‑stack security suite covering endpoints, identity, email, network, data, browsers, cloud, AI, and security operations from a single console. The offering expands protection beyond...
Telegram Rises to Top Spot in Job Scam Activity
Revolut’s latest report shows encrypted messaging apps now dominate Authorised Push Payment (APP) fraud, with Telegram accounting for over 58% of job‑related scams. The platform’s share of total APP fraud rose more than 30% year‑over‑year, overtaking WhatsApp in several categories....
Wireshark 4.6.4 Resolves Dissector Flaws, Plugin Compatibility Issue
Wireshark 4.6.4 releases address two critical dissector vulnerabilities—a crash in the HTTP3 dissector and an infinite loop in the MEGACO dissector. The update also resolves a plugin compatibility problem introduced by an API/ABI change in version 4.6.1, restoring functionality for...
Intellicheck Desktop Application Helps Organizations Combat Identity Theft
Intellicheck launched an enriched Desktop Application that lets organizations of any size stop identity theft and fraud instantly, without needing system integration. The solution works with existing scanners, incurs minimal cost, and stores transaction history securely in the cloud via...
Netskope NewEdge AI Fast Path Reduces Latency for Enterprise AI Workloads
Netskope introduced NewEdge AI Fast Path, a suite of network‑optimizing capabilities that route AI traffic through low‑latency, secure paths across public, private and neo‑cloud environments. The service cuts time‑to‑first‑token for conversational models, speeds up multi‑prompt agentic workflows, and enhances retrieval‑augmented...
SentinelOne Addresses Identity Risk Across Endpoints, Browsers, and AI Workflows
SentinelOne launched the Singularity Identity portfolio to protect non‑human identities such as AI agents, service accounts, APIs, and workloads. The solution moves beyond static authentication, requiring continuous validation of intent across endpoints, browsers, and AI workflows. By tying identity data...
Veza Expands Platform with AI Access Agents for Enterprise Identity Governance
Veza announced the launch of Veza Access Agents, AI‑driven tools that automate identity and access governance for both human users and autonomous AI agents. The agents, built on AWS Bedrock, provide natural‑language interfaces for risk queries, permission visualizations, and AI‑assisted...
CloudCasa Expands Red Hat OpenShift Data Protection Across Edge and Hybrid Cloud
CloudCasa has upgraded its backup and recovery platform to better serve Red Hat OpenShift deployments across core, edge, and hybrid cloud environments. The update adds native SMB protocol support as a backup target, letting customers use existing SMB storage or operator‑deployed...
Windows 365 for Agents Brings Managed Cloud PCs to Autonomous Workflows
Microsoft introduced Windows 365 for Agents, a cloud platform that lets AI agents securely access managed cloud PCs without handling underlying infrastructure. Built on Azure virtual machines, the service leverages Microsoft Intune and Entra ID for device management and identity, offering shared PC...
International Operation Dismantles Fraud Network, €400,000 Seized
An Eurojust‑backed international operation dismantled a fraudulent call centre operating from three offices in Dnipro, arresting 11 suspects and seizing more than €400,000 in cash along with electronic equipment. Victims in Latvia and Lithuania reported losses exceeding €160,000 after being...
Binding Operational Directive 26-02 Sets Deadlines for Edge Device Replacement
CISA’s Binding Operational Directive 26‑02 obliges all federal agencies to inventory, report, decommission, and replace unsupported edge devices such as firewalls, routers, switches, load balancers, and wireless access points. Agencies have three months to identify vulnerable equipment and twelve to eighteen...
Cybersecurity Jobs Available Right Now: February 24, 2026
The February 24 2026 roundup highlights a surge of cybersecurity openings across North America, Europe, the Middle East, and Asia‑Pacific. Roles span application security, cloud security, product security, and OT/ICS specialties, with many positions emphasizing AI‑driven threat detection and zero‑trust architectures. Companies...
The Hidden Security Cost of Treating Labs Like Data Centers
In a Help Net Security interview, Rich Kellen, VP‑CISO of IFF, warns that treating operational technology (OT) labs like conventional IT data centers creates hidden security risks that can corrupt scientific results and endanger safety. He explains that OT environments...
LLMs Change Their Answers Based on Who’s Asking
A MIT Center for Constructive Communication study reveals that leading large language models—GPT‑4, Claude 3 Opus, and Llama 3‑8B—alter answer quality based on perceived user traits. When prompted with biographies suggesting lower education, non‑native English proficiency, or foreign nationality, all three models show...
Security Compass Brings Policy-Driven Security and Compliance to Agentic AI Development
Security Compass unveiled SD Elements for Agentic AI Workflow, a platform that embeds policy‑driven security and compliance checks directly into AI‑assisted software development. The solution automatically generates, validates, and records evidence that both human developers and autonomous AI agents adhere to...
The CISO View of Fraud Risk Across the Retail Payment Ecosystem
In a Help Net Security interview, Paul Suarez, VP and CISO of Casey’s, explains that fuel‑payment hardware receives the same disciplined patching and modernization approach as other retail technology. He warns that QR‑code payment methods create fresh fraud opportunities, prompting...
Applying Green Energy Tax Policies to Improve Cybersecurity
Governments are proposing to mirror green‑energy tax incentives to boost cybersecurity, pairing financial rewards with a digital trust label similar to ENERGY STAR. The model would grant tax credits or rebates to firms that achieve the label, encouraging security‑by‑design across...
CYBERSPAN Brings AI-Driven, Agentless Network Detection to MSSP Environments
IntelliGenesis launched CYBERSPAN, an AI‑driven network detection and response solution tailored for managed security service providers. The platform offers a multi‑tenant, agentless architecture that can be deployed on‑premises or in the cloud, integrating with existing SIEM, SOAR and ticketing tools...
Lasso’s Intent Deputy Secures AI Agents Through Real-Time Behavioral Intent Analysis
Lasso Security unveiled Intent Deputy, a runtime behavioral‑intent framework that secures autonomous AI agents by interpreting their decision flow and operational context. The solution claims 99.83% threat detection at sub‑50 ms latency and a 570‑fold cost advantage over cloud‑native guardrails. By...
Microsoft Defender Update Lets SOC Teams Manage, Vet Response Tools
Microsoft Defender now includes a Library Management feature that lets security operations centers (SOCs) organize, preview, and control the scripts and tools used in live response. Analysts can upload PowerShell, batch, and other response files ahead of investigations, making them...
AWS Coding Agents Gain New Plugin Support Across Development Tools
AWS introduced Agent Plugins, a framework that equips AI coding assistants with native AWS capabilities. The initial "deploy‑to‑AWS" plugin lets developers issue natural‑language prompts to generate architecture recommendations, cost estimates, and infrastructure‑as‑code templates. It currently integrates with Claude Code and...
The Defense Industrial Base Is a Prime Target for Cyber Disruption
Cyber adversaries are moving beyond classic espionage to disrupt the defense industrial base (DIB), aiming to cripple production capacity and supply chains. Attackers now target everything from large primes to niche startups, especially firms with dual‑use technologies, using ransomware and...
Everyone Uses Open Source, but Patching Still Moves Too Slowly
Enterprise security teams now rely on open source for core infrastructure, development pipelines, and production applications, yet patching cycles remain sluggish. TuxCare’s 2026 Open Source Landscape Report shows that 60% of recent incidents involved known vulnerabilities that were not patched...
REMnux V8 Brings AI Integration to the Linux Malware Analysis Toolkit
REMnux released version 8, rebuilt on Ubuntu 24.04 LTS, and introduces a new Cast‑based installer that handles fresh deployments, upgrades, and container installs. The highlight is the REMnux MCP server, which implements the Model Context Protocol to connect AI agents with the...
Passwork 7.4 Enhances Enterprise Security with Centralized User Vault Restrictions
Passwork has launched version 7.4, adding centralized restrictive settings for User vaults. Administrators can now block adding users, sending passwords, creating links, and shortcuts across all personal vaults. The controls apply automatically to existing and new vaults, tightening data‑leak defenses and...
Microsoft Equips CISOs and AI Risk Leaders with a New Security Tool
Microsoft has launched a public‑preview Security Dashboard for AI, consolidating posture and real‑time risk signals from Microsoft Defender, Entra, and Purview into a single interface. The tool inventories AI assets—including models, agents, and third‑party applications—and surfaces AI‑related security risks in...
ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks
OpenAI has added a Lockdown Mode and Elevated Risk labels to ChatGPT to mitigate prompt‑injection attacks and other security threats. Lockdown Mode restricts tool and network access, allowing admins to create dedicated roles that limit external interactions, initially for Enterprise,...
Apple Privacy Labels Often Don’t Match What Chinese Smart Home Apps Do
A new study of 49 Chinese smart‑home apps on Apple’s App Store reveals systematic gaps in by‑stander privacy and frequent mismatches between privacy policies, user‑interface controls, and App Store privacy labels. All apps require real‑name phone registration and collect a...
In GitHub’s Advisory Pipeline, some Advisories Move Faster than Others
A new study of 288,604 GitHub Security Advisories from 2019‑2025 shows that only about 8% (23,563) complete GitHub’s formal review process. Advisories created directly in repositories are reviewed far faster—median under one day—than those imported from the National Vulnerability Database,...
Don’t Panic over CISA’s KEV List, Use It Smarter
In a Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains CISA’s Known Exploited Vulnerabilities (KEV) Catalog and clears up common misconceptions. He notes that KEV entries vary in urgency, with some requiring local access and...
MOS: Open-Source Modular OS for Servers and Homelabs
MOS is an open‑source, modular operating system built on Devuan that targets homelab enthusiasts and small‑scale server operators. It unifies server monitoring, storage pooling, container orchestration, and virtualization behind a browser‑based dashboard and a REST/WebSocket API. The platform leverages mergerfs...
