Aggregator

Полиция задержала четверых соучастников кражи.

A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML. [...]

SailPoint has announced the launch of SailPoint Shadow AI Remediation, the latest component of its real-time AI governance and security framework. This solution enables organizations to discover, monitor, and secure the use of unauthorized AI tools, known as “shadow AI,” helping to mitigate the security and compliance risks associated with the rapid growth of artificial intelligence. As employees turn to AI platforms like ChatGPT, Claude, Gemini, and others to enhance productivity, they often do so … More →

The post SailPoint improves visibility and control over unauthorized AI use appeared first on Help Net Security.

Microsoft has stopped automatically installing the Microsoft 365 Copilot app on Windows devices that have the Microsoft 365 desktop client apps. [...]

Pindrop has announced Pindrop Protect Fraud Assist, the agentic fraud investigation and case management solution for real-time phone conversations. As AI fraud attacks surge across contact centers, Pindrop Protect Fraud Assist embeds agentic AI directly into the fraud investigation workflow, helping analysts investigate smarter, close cases faster and keep pace with rising fraud volumes, without adding headcount. As an AI assistant to the fraud analyst, the agent delivers real-time call summaries, deep risk insights and … More →

The post Pindrop Fraud Assist uses AI to analyze calls and strengthen fraud prevention appeared first on Help Net Security.

Подробности свежего руководства ENISA: как защититься от кода, который никто не проверял.

Huntress has announced Managed Endpoint Security Posture Management (ESPM) and Managed Identity Security Posture Management (ISPM), expanding its Agentic Security Platform to deliver end-to-end protection across endpoints, identities, and human risk. Huntress built Managed ESPM from the ground up and developed Managed ISPM in less than four months by leveraging expertise and capabilities from its Inside Agent acquisition in November 2025. These products empower customers to proactively close common security gaps like misconfigurations, excessive permissions, … More →

The post Huntress adds tools to its Agentic Security Platform to detect, fix, and prevent endpoint and identity risks appeared first on Help Net Security.

Find your most sensitive code and prioritize fixes.

The post Introducing AI-powered Contextual Project Classification: From severity scores to business risk appeared first on Security Boulevard.

古巴国家电网于2026年3月16日（周一）发生全面崩溃，导致全国约1000万人口陷入断电状态。

人工智能正从根本上压缩网络攻击的时间线，攻击者已实现以分钟级速度完成入侵、横向移动和破坏，而多数防御体系仍基于

Kore.ai has announced the launch of its Agent Management Platform, a unified command center designed to govern, monitor, and manage AI agents and AI systems across the enterprise. As organizations deploy AI and multi-agent systems, many are encountering “AI sprawl,” a phenomena analysts describe as dozens of AI initiatives across different teams, tools, and clouds without centralized visibility or governance. Gartner predicts that by 2028, enterprises will operate thousands of AI agents across various business … More →

The post Kore.ai debuts Agent Management Platform to govern enterprise AI ecosystems appeared first on Help Net Security.

A vulnerability labeled as critical has been found in GNOME libsoup. The affected element is an unknown function. Such manipulation leads to use after free. This vulnerability is listed as CVE-2026-4271. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as problematic has been detected in Apache Airflow up to 3.1.7. Impacted is an unknown function of the component FastAPI DagVersion Listing API. This manipulation causes incorrect permission assignment. This vulnerability is tracked as CVE-2026-26929. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in HCL Sametime. This issue affects some unknown processing. The manipulation results in basic cross site scripting. This vulnerability is identified as CVE-2025-62320. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Apache Airflow up to 3.1.7. It has been rated as problematic. This vulnerability affects unknown code of the file /ui/dependencies. The manipulation leads to incorrect permission assignment. This vulnerability is referenced as CVE-2026-28563. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Apache Airflow up to 3.1.7. It has been declared as critical. This affects an unknown part of the component Execution API. Executing a manipulation can lead to missing authorization. The identification of this vulnerability is CVE-2026-30911. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HCL Sametime. It has been classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. Performing a manipulation results in improper input validation. This vulnerability was named CVE-2025-31966. The attack may be initiated remotely. There is no available exploit.

Enterprise Cloud Network Solutions secure multi-cloud environments with Zero Trust, visibility, and threat prevention across users, apps, and distributed data systems.

Kingston Digital has announced the launch of the next-generation IronKey Locker+ 50 G2 (LP50 G2) hardware-encrypted USB flash drive. The drive provides enterprise-grade security with FIPS 197 and AES 256-bit hardware encryption in XTS mode. It also safeguards against BadUSB with digitally signed firmware and against brute force password attacks. LP50G2 features a premium space grey metal casing and supports both Admin and User passwords with options for Complex or Passphrase modes. Complex mode allows … More →

The post New Kingston IronKey USB drive delivers enterprise-grade data security appeared first on Help Net Security.

Пора узнать, попали ли вы в секретный список.