Threat actors are recruiting the people who hold cloud logins
Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding…
Category: HelpnetSecurity
Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)
Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities…
Drata brings visibility, control and auditability to enterprise AI agents
Drata has introduced AI Agent Governance, a new security category focused on managing the risks and oversight requirements of AI agents, while extending its trust…
Identity theft is turning into a chain reaction for victims
For a growing number of victims, identity theft no longer ends with a fraudulent charge or a compromised account. More than one in four people…
Building reusable workflows with custom agents in Copilot CLI
Developers spend much of their working time in the terminal, generating commands, debugging issues, and running scripts close to their systems. Repeated terminal work tends…
The security in smartphones is helping send them to landfills
Billions of working smartphones reach the end of their service lives each year and move into drawers, recycling streams, and waste piles. The WEEE Forum…
Filigran launches XTM One to automate CTEM with AI agents
Filigran has announced XTM One, an AI-native agentic layer that automates Continuous Threat Exposure Management (CTEM) workflows across the Filigran XTM Platform. XTM One introduces…
Elastic brings AI-driven incident investigation to Kubernetes and observability tools
Elastic has introduced an agentic Kubernetes investigation workflow and MCP-based observability skills that diagnose incidents the moment an alert fires. By the time an SRE…
French government messaging platform breached through account hijacking
French authorities are investigating a compromise of Tchap, the government’s secure messaging platform, after hackers hijacked a user account and gained access to public chat…
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed…
The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
The advent of AI-assisted vulnerability discovery and autonomous exploit development has brought about a new age in cybersecurity—one in which we can no longer rely…
Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts
Meta has revealed that attackers hijacked 20,225 Instagram accounts by exploiting a flaw in the company’s AI-assisted account recovery system. According to the company, a…