
Microsoft Defender Update Lets SOC Teams Manage, Vet Response Tools
Microsoft Defender now includes a Library Management feature that lets security operations centers (SOCs) organize, preview, and control the scripts and tools used in live response. Analysts can upload PowerShell, batch, and other response files ahead of investigations, making them instantly available when incidents arise. The interface also enables script content review and automated analysis by Microsoft Security Copilot, which supplies behavior summaries and risk context. Outdated or redundant scripts can be pruned, keeping the library audit‑friendly and streamlined.

AWS Coding Agents Gain New Plugin Support Across Development Tools
AWS introduced Agent Plugins, a framework that equips AI coding assistants with native AWS capabilities. The initial "deploy‑to‑AWS" plugin lets developers issue natural‑language prompts to generate architecture recommendations, cost estimates, and infrastructure‑as‑code templates. It currently integrates with Claude Code and...

The Defense Industrial Base Is a Prime Target for Cyber Disruption
Cyber adversaries are moving beyond classic espionage to disrupt the defense industrial base (DIB), aiming to cripple production capacity and supply chains. Attackers now target everything from large primes to niche startups, especially firms with dual‑use technologies, using ransomware and...

Everyone Uses Open Source, but Patching Still Moves Too Slowly
Enterprise security teams now rely on open source for core infrastructure, development pipelines, and production applications, yet patching cycles remain sluggish. TuxCare’s 2026 Open Source Landscape Report shows that 60% of recent incidents involved known vulnerabilities that were not patched...

REMnux V8 Brings AI Integration to the Linux Malware Analysis Toolkit
REMnux released version 8, rebuilt on Ubuntu 24.04 LTS, and introduces a new Cast‑based installer that handles fresh deployments, upgrades, and container installs. The highlight is the REMnux MCP server, which implements the Model Context Protocol to connect AI agents with the...

Passwork 7.4 Enhances Enterprise Security with Centralized User Vault Restrictions
Passwork has launched version 7.4, adding centralized restrictive settings for User vaults. Administrators can now block adding users, sending passwords, creating links, and shortcuts across all personal vaults. The controls apply automatically to existing and new vaults, tightening data‑leak defenses and...

Microsoft Equips CISOs and AI Risk Leaders with a New Security Tool
Microsoft has launched a public‑preview Security Dashboard for AI, consolidating posture and real‑time risk signals from Microsoft Defender, Entra, and Purview into a single interface. The tool inventories AI assets—including models, agents, and third‑party applications—and surfaces AI‑related security risks in...

ChatGPT Gets New Security Feature to Fight Prompt Injection Attacks
OpenAI has added a Lockdown Mode and Elevated Risk labels to ChatGPT to mitigate prompt‑injection attacks and other security threats. Lockdown Mode restricts tool and network access, allowing admins to create dedicated roles that limit external interactions, initially for Enterprise,...

Apple Privacy Labels Often Don’t Match What Chinese Smart Home Apps Do
A new study of 49 Chinese smart‑home apps on Apple’s App Store reveals systematic gaps in by‑stander privacy and frequent mismatches between privacy policies, user‑interface controls, and App Store privacy labels. All apps require real‑name phone registration and collect a...

In GitHub’s Advisory Pipeline, Some Advisories Move Faster than Others
A new study of 288,604 GitHub Security Advisories from 2019‑2025 shows that only about 8% (23,563) complete GitHub’s formal review process. Advisories created directly in repositories are reviewed far faster—median under one day—than those imported from the National Vulnerability Database,...

Don’t Panic over CISA’s KEV List, Use It Smarter
In a Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains CISA’s Known Exploited Vulnerabilities (KEV) Catalog and clears up common misconceptions. He notes that KEV entries vary in urgency, with some requiring local access and...

MOS: Open-Source Modular OS for Servers and Homelabs
MOS is an open‑source, modular operating system built on Devuan that targets homelab enthusiasts and small‑scale server operators. It unifies server monitoring, storage pooling, container orchestration, and virtualization behind a browser‑based dashboard and a REST/WebSocket API. The platform leverages mergerfs...

Imprivata Delivers Passwordless Access to Improve Security, Compliance, and Productivity
Imprivata has expanded its Enterprise Access Management platform with context‑aware passwordless authentication, AI‑powered risk signaling, and behavioral analytics. The new suite supports FIDO passkeys, facial recognition, and zero‑trust VPN‑less remote access, aiming to streamline access for frontline staff and knowledge...

Portnox Expands ZTNA with Passwordless Access for RDP, SSH, and Enterprise Consoles
Portnox has broadened its zero‑trust network access (ZTNA) platform to include passwordless connectivity for console‑based protocols such as RDP, SSH, VNC and Telnet. The expansion removes credential‑based authentication, a vector behind roughly 80 % of data breaches, while preserving a frictionless...

BloodHound Scentry Helps Organizations Reduce Identity Risk and Close Attack Paths
SpecterOps has launched BloodHound Scentry, a managed service that pairs the BloodHound Enterprise platform with seasoned security practitioners to fast‑track identity attack‑path management (APM). The offering delivers tailored remediation, monthly threat analysis, privilege‑zone design, OpenGraph extensions, and custom reporting, promising...

Trojanized 7-Zip Downloads Turn Home Computers Into Proxy Nodes
Malwarebytes discovered a trojanized version of the popular 7‑Zip installer that silently adds proxyware payloads, turning compromised home computers into residential proxy nodes. The malicious installer is hosted on a look‑alike domain (7zip.com) and is often reached through erroneous links...

Armis Centrix Brings Unified, AI-Driven Application Security to the SDLC
Armis introduced Centrix for Application Security, an AI‑driven platform that unifies vulnerability detection across the entire software development lifecycle. The solution scans source code, dependencies, container images and configuration files in unlimited languages, delivering context‑aware insights tied to the CI/CD...

DuckDuckGo Enables AI Voice Chat without Saving Voice Data
DuckDuckGo has integrated AI-powered voice chat into its Duck.ai assistant, allowing users to converse with the model using spoken input. The company emphasizes that audio streams are processed in real time and are not stored after the session, with encryption...

How AI Is Reshaping Attack Path Analysis
Cybersecurity teams are drowning in disparate findings, while adversaries leverage AI to craft rapid attack chains. By integrating AI with the MITRE ATT&CK framework, organizations can generate dynamic heat maps that surface coverage gaps and model realistic attack paths. Platforms...

What Happens when Cybersecurity Knowledge Walks Out the Door
Andrew Northern, Principal Security Researcher at Censys, argues that mentorship is vital for preserving institutional memory and judgment under pressure in cybersecurity teams. He warns that when senior defenders disengage, the tacit knowledge needed to protect legacy‑heavy environments evaporates quickly....

AI-Driven Scams Are Eroding Trust in Calls, Messages, and Meetings
AI agents are now automating the research and targeting phases of social engineering, turning weeks‑long preparations into minutes. This automation lowers both the skill threshold and cost for launching phishing and scam campaigns. Deepfake audio and video are being used...

Cybersecurity Jobs Available Right Now: February 10, 2026
February 2026’s cybersecurity job roundup lists 26 open positions across 12 countries, ranging from cloud security engineers to senior threat‑intelligence analysts. The roles cover cloud, AI, OT, and zero‑trust specializations, with many offering hybrid or fully remote work. Employers span consulting...

BeyondTrust Fixes Easy-to-Exploit Pre-Auth RCE Vulnerability in Remote Access Tools (CVE-2026-1731)
BeyondTrust has patched a critical pre‑authentication remote code execution flaw (CVE‑2026‑1731) affecting its Remote Support and Privileged Remote Access products. The vulnerability lets unauthenticated attackers run OS commands on vulnerable on‑premise deployments. SaaS customers received the fix on February 2, 2026, while...

OpenAI Updates Europe Privacy Policy, Adding New Data Categories
OpenAI has refreshed its Europe‑facing privacy policy to align with the November 2024 EU revisions. The new document expands coverage to include files, images, audio, video, and contact data, while adding clearer sections on user controls such as opting out of...

United Airlines CISO on Building Resilience when Disruption Is Inevitable
United Airlines’ chief information security officer, Deneen DeFiore, explained how the carrier modernizes cybersecurity without jeopardizing safety‑critical aircraft systems. The airline wraps legacy platforms with modern identity, segmentation and monitoring controls while adding compensating resilience measures. United treats cyber risk...

Allama: Open-Source AI Security Automation
Allama is an open‑source security automation platform that lets teams build visual workflows for threat detection and response. It ships with integrations for more than 80 security tools, from SIEMs to ticketing systems, and leverages AI‑powered agents that can enrich,...

AI Agents Behave Like Users, but Don’t Follow the Same Rules
The Cloud Security Alliance report warns that autonomous AI agents are expanding faster than identity and access management (IAM) frameworks can keep up. Organizations still rely on static credentials such as API keys and shared accounts, while modern workload‑identity standards...

State-Backed Phishing Attacks Targeting Military Officials and Journalists on Signal
German authorities have identified a likely state‑backed hacking group targeting senior political figures, military officials, diplomats, and investigative journalists via the Signal messaging app. The attackers use two phishing variants: impersonating Signal support to solicit security PINs or verification codes,...

MintMCP’s Governance Platform Helps Organizations Deploy, Monitor, and Secure AI Agents
MintMCP introduced an enterprise governance platform that lets organizations deploy, monitor, and secure AI agents and MCP servers at scale. The solution offers one‑click MCP server provisioning, real‑time agent activity tracing, and configurable guardrails to block risky actions. It also...

February 2026 Patch Tuesday Forecast: Lots of OOB Love This Month
Microsoft’s February 2026 Patch Tuesday follows a heavy January with 92 Windows 11/Server 2025 and 79 Windows 10 vulnerabilities addressed. Three out‑of‑band (OOB) patches were released in January to fix remote‑desktop credential prompts, Outlook .pst cloud storage errors, and a zero‑day Office vulnerability...

Kasada Account Intelligence Combats Manual Fraud and Abuse
Kasada has launched Account Intelligence, a real‑time solution that detects manual, account‑level fraud and abuse before financial loss occurs. The product uses high‑fidelity device telemetry linked to account behavior, allowing early identification of credential abuse, promo fraud, and coordinated multi‑account...

Mobile Privacy Audits Are Getting Harder
Mobile privacy audits face verification gaps as apps hide data flows behind permissions and encrypted traffic. The new mopri framework combines static analysis of APKs with dynamic, user‑driven execution to capture real‑world network activity on Android devices. It offers modular...

The Hidden Cost of Putting Off Security Decisions
Hanah Darley, Chief AI Officer at Geordie AI, warns that postponing security decisions creates a hidden "visibility debt" that compounds over time. Each quarter without adequate insight allows shadow IT, legacy systems, and unmanaged assets to proliferate, leading to larger...

Microsoft Launches LiteBox, a Security-Focused Open-Source Library OS
Microsoft unveiled LiteBox, an open‑source library operating system designed to act as a secure kernel layer for protecting guest kernels through hardware virtualization. Developed alongside the Linux Virtualization Based Security (LVBS) project, LiteBox runs security‑critical code in a hardened, isolated...

AiStrike Introduces AI-Powered MDR to Reduce Costs and Alert Fatigue
AiStrike has launched AiStrike MDR, an AI‑powered managed detection and response service that replaces traditional human‑intensive SOCs with an AI‑led, expert‑guided model. The platform unifies threat intelligence, detection, investigation and response across cloud, endpoint and identity data, delivering automated triage...

Varonis Acquires AllTrue.ai to Enable Safe, Compliant AI at Scale
Varonis announced the acquisition of AllTrue.ai to embed AI‑specific visibility and enforcement into its data‑centric security platform. The combined solution gives enterprises real‑time insight into AI models, agents and shadow AI, while applying guardrails that enforce least‑privilege access and compliance....

Smart Glasses Are Back, Privacy Issues Included
After the failure of Google Glass, smart glasses are re‑emerging, led by the Ray‑Ban Meta collaboration that blends fashion with AI‑enabled camera and microphone. Harvard students showed the device’s video can be fed into facial‑recognition systems to identify strangers, while...

Cybersecurity Planning Keeps Moving Toward Whole-of-Society Models
National governments are reshaping cybersecurity into whole‑of‑society frameworks that link risk management, workforce development, technology standards, and cross‑sector coordination. Centralized authorities act as hubs for incident response, intelligence sharing, and international cooperation, while private operators remain pivotal for critical infrastructure...

Measuring AI Use Becomes a Business Requirement
A Larridin survey reveals a 16‑point visibility gap between executives and directors on AI usage, highlighting pervasive shadow AI and fragmented governance. Large enterprises run an average of 23 AI tools, yet only 38 percent maintain a comprehensive inventory, leaving many...

ConnectSecure Introduces Linux Patching Capability to Simplify Cross-Distro Updates
ConnectSecure unveiled a cross‑platform Linux patching capability that consolidates updates for Red Hat, Ubuntu, Debian, and CentOS into a single console. The tool automates kernel and OS patch identification and deployment, cutting manual effort by up to 80 %. It also introduces...

SECNAP CloudJacket MXDR Integrates SOC, SIEM, and NDR
SECNAP Network Security launched CloudJacket MXDR, a managed extended detection and response platform that unifies SOC, SIEM, and NDR functions under a single pane of glass. Built on the patented CloudJacket foundation, the solution adds multi‑tenant capabilities, AI‑augmented analyst workflows,...

Avast Brings Deepfake Scam Detection to Windows PCs and Mobile Devices
Avast announced the global rollout of its Scam Guardian and Scam Guardian Pro apps for Android and iOS, and introduced Deepfake Guard for Windows PCs. The new AI‑driven feature scans video audio in real time to detect malicious deepfake content, supporting...

Detectify Internal Scanning Finds and Fixes Vulnerabilities Behind the Firewall
Detectify introduced Internal Scanning, a tool that extends its external‑facing crawling and fuzzing engine into private networks, enabling security teams to locate and fix vulnerabilities behind the firewall with the same speed as external tests. The solution deploys via a...

Global Threat Map: Open-Source Real-Time Situational Awareness Platform
Global Threat Map is an open‑source platform that aggregates multiple public threat‑intelligence feeds into a live, animated world map showing malware, phishing, botnet and other malicious activity. The project publishes its data‑collection code on GitHub, offering full transparency of sources...

How Secure by Design Helps Developers Build Secure Software
The Center for Internet Security and SAFECode have published "Secure by Design: A Guide to Assessing Software Security Practices," a risk‑based manual that integrates security into every stage of the software development lifecycle. The guide aligns the NIST Secure Software...

Why Incident Response Breaks Down when It Matters Most
In a Help Net Security video, Jon David, Managing Director at NR Labs, explains why incident response often collapses during active breaches. He highlights that hesitation, poor escalation, and weak communication let attackers outpace defenders. The discussion emphasizes that trust,...

Auto Finance Fraud Is Costing Dealers up to $20,000 per Incident
Auto dealers are facing a growing fraud problem that can cost up to $20,000 per incident, according to Experian research. The most common schemes involve income and employment misrepresentation, followed closely by synthetic and third‑party identity fraud. Fraud often surfaces...

Download: Tines Voice of Security 2026 Report
Tines has released its Voice of Security 2026 report, based on a survey of more than 1,800 security leaders and practitioners worldwide. The study reveals that while AI adoption is accelerating across security teams, manual work, rising workloads and burnout remain...

Sandisk Brings SPRandom to Open Source for Large SSD Testing
SanDisk unveiled SPRandom, an open‑source preconditioning utility for large‑capacity enterprise SSDs. The tool, contributed to the fio benchmark suite, can shrink the time required to bring a 128 TB drive to steady state from over 144 hours to roughly six hours—a reduction...

Malwarebytes in ChatGPT Delivers AI-Powered Protection Against Scams
Malwarebytes has launched Malwarebytes in ChatGPT, embedding its threat‑intelligence engine into OpenAI’s chatbot to let users instantly assess scams, phishing links, and suspicious domains. The service draws on a continuously updated database that protects millions of devices, offering point‑by‑point analysis...