Terra Portal Adds Human-Governed AI to Live Production Pentesting
Terra Security unveiled Terra Portal, a desktop app that places human‑governed AI at the core of live‑production penetration testing. The tool combines autonomous agents for routine tasks with a Copilot layer for controlled exploitation, shrinking the discovery‑to‑fix timeline from months to hours. By preserving safety and compliance, it enables firms to meet CISA’s 15‑day remediation rule. The platform also lets service providers shift from project‑based work to continuous, scalable offensive security services.
Armadin Secures $189.9 Million to Counter AI-Driven Cyber Threats
Armadin announced a $189.9 million seed and Series A round, the largest combined funding ever in cybersecurity, led by Accel with participation from Google Ventures, Kleiner Perkins, Menlo Ventures, In‑Q‑Tel, 8VC and Ballistic Ventures. The capital will accelerate its AI‑driven platform that...
Teen Crew Caught Selling DDoS Attack Tools
Poland’s Central Bureau for Combating Cybercrime identified seven minors, aged 12 to 16, who sold software that enables distributed denial‑of‑service (DDoS) attacks. The teenagers targeted high‑traffic sites such as auction platforms, hosting services and booking portals, generating profit from the...
This Spy Tool Has Been Quietly Stealing Data for Years
ESET researchers have uncovered a renewed Sednit campaign that relies on a dual‑implant architecture—BeardShell and the open‑source framework Covenant—each hosted on separate cloud providers for redundancy. The toolkit has been used to conduct long‑term surveillance of Ukrainian military personnel since...
Fake Claude Code Install Pages Highlight Rise of “InstallFix” Attacks
Security researchers at Push Security discovered that attackers are publishing counterfeit Anthropic Claude Code installation pages. These look‑alike sites, promoted through paid Google ads, replace legitimate install commands with malicious scripts that download the Amatera stealer on Windows and comparable malware...
Turning Expertise Into Opportunity for Women in Cybersecurity
SheSpeaksCyber, a free directory launched by the Women4Cyber Foundation, connects event organizers with thousands of qualified women in cybersecurity. The platform targets 1,000 published speaker profiles by 2027 and aims for 50 percent female representation on conference stages by 2030. By...
Microsoft Working on Teams Feature to Keep Unauthorized Bots at Bay
Microsoft announced a new Teams feature that will let meeting admins identify and control third‑party bots before they join meetings, rolling out in May 2026 across desktop, macOS, Linux, iOS, and Android. The tool displays external bots waiting in the lobby...
Hexnode IdP Brings Device-Aware Authentication and Zero Trust to Enterprise Access
Hexnode has launched Hexnode IdP, a native identity provider embedded within its unified endpoint management (UEM) platform. The solution combines authentication, single sign‑on, MFA and role‑based access with real‑time device posture checks, allowing only compliant devices to access corporate applications....
Cyolo PRO 7.0 Expands OT-First Secure Remote Access with AI Session Intelligence
Cyolo has launched Cyolo PRO 7.0, an upgrade that extends its OT‑first secure remote access platform with AI‑driven session intelligence, passive asset and traffic discovery, and a consolidated operational dashboard. The AI engine automatically transcribes session video, categorizing user actions to speed...
March 2026 Patch Tuesday Forecast: Is AI Security an Oxymoron?
Developers are increasingly embedding AI into software, but the tools themselves are proving vulnerable, highlighted by Google’s Gemini AI flaw in Chrome (CVE‑2026‑0628) with an 8.8 CVSS score. Malicious AI‑powered browser extensions are also surfacing, harvesting data from unsuspecting users....
Backup Strategies Are Working, and Ransomware Gangs Are Responding with Data Theft
Business email compromise (BEC) and funds transfer fraud (FTF) accounted for 58% of cyber‑insurance claims in 2025, with BEC alone representing 31% of all claims. Average BEC loss fell 28% to $27,000 and FTF loss dropped 14% to $141,000, while...
Why Phishing Still Works Today
Gal Livschitz, senior penetration tester at Terra Security, explains how phishing has become harder to detect by leveraging HTTPS, branded look‑alike domains, and sophisticated delivery methods. He highlights the rise of QR‑based phishing in PDFs, MFA‑fatigue attacks that pressure users...
What Happens when AI Teams Compete Against Human Hackers
The NeuroGrid competition, hosted on Hack The Box, pitted 120 AI‑augmented teams against 958 human‑only teams across 36 security challenges. AI‑augmented participants completed 73% of challenges, far outpacing the 46% completion rate of human‑only teams. The advantage was strongest on...
Codenotary Trust Delivers Autonomous AI Security for Linux and Kubernetes
Codenotary unveiled Codenotary Trust, a SaaS platform that leverages artificial intelligence to detect, prioritize, and autonomously remediate security, configuration, and performance issues across Linux, containers, VMs, and applications. The solution is built for junior and mid‑level administrators, addressing the talent gap...
Push Security Adds Malicious Browser Extension Detection to Block Threats in Employee Browsers
Push Security has introduced a malicious browser‑extension detection and blocking feature within its browser‑based security platform. The capability leverages a continuously updated intelligence database to automatically block known‑bad extensions and provide real‑time visibility into all extensions across employee browsers. Administrators...
Digital.ai Expands Post-Build Protection for Android and iOS Applications
Digital.ai unveiled Quick Protect Agent v2, an LLM‑enhanced solution that adds AI‑powered post‑build hardening for Android and iOS apps. The tool automatically applies code‑aware obfuscation and other security controls after the build, requiring no source changes and integrating with Digital.ai...
Tufin’s AI-Powered Tools Simplify Network Security Operations
Tufin unveiled a suite of AI‑powered tools, including four new assistants and an Executive Dashboard, built on its TufinAI engine. The assistants automate rule searches, device discovery, compliance exception analysis, and access‑request handling via natural‑language prompts. Integrated with Tufin’s Unified...
Webinar: The True State of Security 2026
Storyblok’s "True State of Security 2026" webinar brings together its VP of Engineering, Information Security Manager, and content marketer to challenge the prevailing AI‑centric security narrative. The presenters argue that AI, while a genuine risk, has become a costly distraction,...
Over 1,200 IceWarp Servers Still Vulnerable to Unauthenticated RCE Flaw (CVE-2025-14500)
A critical unauthenticated remote code execution flaw (CVE-2025-14500) affects IceWarp's business communication platform, allowing attackers to execute OS commands as root or SYSTEM. The vulnerability, rooted in improper handling of the X‑File‑Operation header, was disclosed in September 2025 and patched...
Njordium Vendor Management System Eliminates Duplicate Third-Party Assessments
Njordium Cyber Group unveiled its Vendor Management System (VMS), a platform that consolidates third‑party risk assessments to satisfy Europe’s overlapping regulations in a single run. The solution claims to replace up to five parallel assessments with one, automatically generating outputs...
ArmorCode AI Exposure Management Identifies, Governs, and Reduces Shadow AI Risk
ArmorCode introduced AI Exposure Management (AIEM) on its Agentic AI Platform, expanding its unified exposure management suite. AIEM continuously ingests AI usage signals from security tools, creating a centralized inventory and assigning ownership to mitigate shadow AI. The solution offers...
Arkose Device ID Uses AI to Recognize Devices Across Changing Fingerprints
Arkose Labs unveiled the latest version of Arkose Device ID within its Arkose Titan platform, adding AI‑driven similarity analysis to traditional exact‑match identification. The enhancement allows persistent device recognition even as fingerprints evolve, reducing fraud from identity‑fragmentation attacks while keeping...
Josys Centralizes Identity Data to Replace Manual IT Oversight with Automated Governance
Josys has evolved into an autonomous identity governance platform that centralizes identity data from any source into a single AI‑driven system. The solution automates access reviews, lifecycle updates, and over‑permissioned user remediation, eliminating manual IT oversight. Its AI Integration Builder...
Secure by Design: Building Security in at the Beginning
Secure by Design is a holistic methodology that embeds security from the earliest stages of system and software conception, shifting protection from a reactive afterthought to a proactive design principle. CIS and SAFECode collaborate to provide measurable guidance, translating standards...
NetQuest Launches NetworkLens for Hyperscale AI Threat Detection
NetQuest unveiled NetworkLens, a portfolio of hyperscale, real‑time network intelligence datasets designed for AI‑driven cyber threat detection. The datasets are continuously generated by the NetQuest Streaming Network Sensor, which captures wire‑speed traffic and transforms it into structured records covering application...
PureLiFi Unveils LiFi Architecture to Extend Gigabit Capacity Indoors
pureLiFi introduced a high‑bandwidth LiFi architecture capable of 10 Gbps indoor data rates, targeting the fixed wireless access (FWA) market. The company unveiled the Bridge XC Flex, a plug‑and‑play bridge that delivers gigabit broadband through windows without drilling, and announced partnerships with 5G...
BlacksmithAI: Open-Source AI-Powered Penetration Testing Framework
BlacksmithAI is an open‑source penetration testing framework that orchestrates multiple AI agents to handle each phase of a security assessment, from reconnaissance to post‑exploitation. The system uses a lightweight shared mini‑Kali container, FastAPI, and pre‑configured Docker images to keep resource...
When Cyber Threats Start Thinking for Themselves
Autonomous AI agents are reshaping cyber threats, allowing attacks to operate without human direction. Jason Rivera of SimSpace explains that these agents can sustain phishing campaigns, discover network paths automatically, and modify malware behavior on the fly. The shift forces...
Android 17 Second Beta Expands Privacy Controls for Contacts, SMS and Local Networks
Google’s Android 17 second beta adds system‑level privacy tools, including a Contacts Picker that grants apps access only to user‑selected contacts and an EyeDropper API that reads screen colors without screen‑capture permission. A new ACCESS_LOCAL_NETWORK runtime permission controls LAN device...
Illumio Insights Brings Agentless Visibility and Breach Containment to Hybrid Environments
Illumio announced Illumio Insights, an agent‑less solution that ingests real‑time telemetry from Check Point and Fortinet firewalls to create live traffic maps across data‑center and cloud environments. The platform converts existing firewall data into visibility without installing software agents, extending...
Oculeus 2FN Authenticates Calls in Real Time to Stop CLI Spoofing
Oculeus has launched its Two Factor Network (2FN) solution, giving telcos a real‑time framework to authenticate caller identity and stop CLI spoofing. The system creates a parallel verification path with digital signatures that peer‑to‑peer carriers exchange during call setup. Industry...
AWS Security Hub Extended Brings Enterprise Security Under One Roof
AWS Security Hub Extended introduces a bundled plan that lets enterprises procure, deploy, and manage a full‑stack security suite covering endpoints, identity, email, network, data, browsers, cloud, AI, and security operations from a single console. The offering expands protection beyond...
Telegram Rises to Top Spot in Job Scam Activity
Revolut’s latest report shows encrypted messaging apps now dominate Authorised Push Payment (APP) fraud, with Telegram accounting for over 58% of job‑related scams. The platform’s share of total APP fraud rose more than 30% year‑over‑year, overtaking WhatsApp in several categories....
Wireshark 4.6.4 Resolves Dissector Flaws, Plugin Compatibility Issue
Wireshark 4.6.4 releases address two critical dissector vulnerabilities—a crash in the HTTP3 dissector and an infinite loop in the MEGACO dissector. The update also resolves a plugin compatibility problem introduced by an API/ABI change in version 4.6.1, restoring functionality for...
Intellicheck Desktop Application Helps Organizations Combat Identity Theft
Intellicheck launched an enriched Desktop Application that lets organizations of any size stop identity theft and fraud instantly, without needing system integration. The solution works with existing scanners, incurs minimal cost, and stores transaction history securely in the cloud via...
Netskope NewEdge AI Fast Path Reduces Latency for Enterprise AI Workloads
Netskope introduced NewEdge AI Fast Path, a suite of network‑optimizing capabilities that route AI traffic through low‑latency, secure paths across public, private and neo‑cloud environments. The service cuts time‑to‑first‑token for conversational models, speeds up multi‑prompt agentic workflows, and enhances retrieval‑augmented...
SentinelOne Addresses Identity Risk Across Endpoints, Browsers, and AI Workflows
SentinelOne launched the Singularity Identity portfolio to protect non‑human identities such as AI agents, service accounts, APIs, and workloads. The solution moves beyond static authentication, requiring continuous validation of intent across endpoints, browsers, and AI workflows. By tying identity data...
Veza Expands Platform with AI Access Agents for Enterprise Identity Governance
Veza announced the launch of Veza Access Agents, AI‑driven tools that automate identity and access governance for both human users and autonomous AI agents. The agents, built on AWS Bedrock, provide natural‑language interfaces for risk queries, permission visualizations, and AI‑assisted...
CloudCasa Expands Red Hat OpenShift Data Protection Across Edge and Hybrid Cloud
CloudCasa has upgraded its backup and recovery platform to better serve Red Hat OpenShift deployments across core, edge, and hybrid cloud environments. The update adds native SMB protocol support as a backup target, letting customers use existing SMB storage or operator‑deployed...
Windows 365 for Agents Brings Managed Cloud PCs to Autonomous Workflows
Microsoft introduced Windows 365 for Agents, a cloud platform that lets AI agents securely access managed cloud PCs without handling underlying infrastructure. Built on Azure virtual machines, the service leverages Microsoft Intune and Entra ID for device management and identity, offering shared PC...
International Operation Dismantles Fraud Network, €400,000 Seized
An Eurojust‑backed international operation dismantled a fraudulent call centre operating from three offices in Dnipro, arresting 11 suspects and seizing more than €400,000 in cash along with electronic equipment. Victims in Latvia and Lithuania reported losses exceeding €160,000 after being...
Binding Operational Directive 26-02 Sets Deadlines for Edge Device Replacement
CISA’s Binding Operational Directive 26‑02 obliges all federal agencies to inventory, report, decommission, and replace unsupported edge devices such as firewalls, routers, switches, load balancers, and wireless access points. Agencies have three months to identify vulnerable equipment and twelve to eighteen...
Cybersecurity Jobs Available Right Now: February 24, 2026
The February 24 2026 roundup highlights a surge of cybersecurity openings across North America, Europe, the Middle East, and Asia‑Pacific. Roles span application security, cloud security, product security, and OT/ICS specialties, with many positions emphasizing AI‑driven threat detection and zero‑trust architectures. Companies...
The Hidden Security Cost of Treating Labs Like Data Centers
In a Help Net Security interview, Rich Kellen, VP‑CISO of IFF, warns that treating operational technology (OT) labs like conventional IT data centers creates hidden security risks that can corrupt scientific results and endanger safety. He explains that OT environments...
LLMs Change Their Answers Based on Who’s Asking
A MIT Center for Constructive Communication study reveals that leading large language models—GPT‑4, Claude 3 Opus, and Llama 3‑8B—alter answer quality based on perceived user traits. When prompted with biographies suggesting lower education, non‑native English proficiency, or foreign nationality, all three models show...
Security Compass Brings Policy-Driven Security and Compliance to Agentic AI Development
Security Compass unveiled SD Elements for Agentic AI Workflow, a platform that embeds policy‑driven security and compliance checks directly into AI‑assisted software development. The solution automatically generates, validates, and records evidence that both human developers and autonomous AI agents adhere to...
The CISO View of Fraud Risk Across the Retail Payment Ecosystem
In a Help Net Security interview, Paul Suarez, VP and CISO of Casey’s, explains that fuel‑payment hardware receives the same disciplined patching and modernization approach as other retail technology. He warns that QR‑code payment methods create fresh fraud opportunities, prompting...
Applying Green Energy Tax Policies to Improve Cybersecurity
Governments are proposing to mirror green‑energy tax incentives to boost cybersecurity, pairing financial rewards with a digital trust label similar to ENERGY STAR. The model would grant tax credits or rebates to firms that achieve the label, encouraging security‑by‑design across...
CYBERSPAN Brings AI-Driven, Agentless Network Detection to MSSP Environments
IntelliGenesis launched CYBERSPAN, an AI‑driven network detection and response solution tailored for managed security service providers. The platform offers a multi‑tenant, agentless architecture that can be deployed on‑premises or in the cloud, integrating with existing SIEM, SOAR and ticketing tools...
Lasso’s Intent Deputy Secures AI Agents Through Real-Time Behavioral Intent Analysis
Lasso Security unveiled Intent Deputy, a runtime behavioral‑intent framework that secures autonomous AI agents by interpreting their decision flow and operational context. The solution claims 99.83% threat detection at sub‑50 ms latency and a 570‑fold cost advantage over cloud‑native guardrails. By...