New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Informatio...
General
20 articles
Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing
The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger point: defen...
Hola Browser Windows Delivery Pipeline Hijacked to Deploy Cryptominer
An undeclared executable bundled with Hola Browser for Windows (version 1.251.
Trend Micro Deep Security Agent Flaw Allows Repeatable Security Bypass
Trend Micro’s Deep Security Agent for Linux contains a design flaw in its behavior-monitoring stack that allows a local, unprivileged attacker to repeatedly ...
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item.
Chrome 149 Patches 429 Vulnerabilities
Over 100 bugs are critical or high-severity, mainly use-after-free and insufficient validation of untrusted input flaws. The post Chrome 149 Patches 429 Vuln...
Let’s Encrypt works toward post-quantum certificates at web scale
Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to th...
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday
Experts commented on the EO’s voluntary nature, the balance between innovation and security, and potential implementation gaps. The post Industry Reactions t...
Malicious Browser Add-Ons Target Major AI Chatbot Users
Malicious browser add-ons are actively harvesting conversations and personal data from users of major AI platforms including ChatGPT, Claude, Copilot, Gemini...
From AI hype to operational reality: A practitioner’s framework for securing agentic systems
Most organizations already have AI governance discussions underway. They have policies, working groups, acceptable-use guidance, and long lists of principles...
Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks
Claude Code has an MCP security problem — and your developers are already using it
Claude Code is Anthropic’s AI coding assistant — a command-line tool that developers are adopting fast. It connects to external services through Model Contex...
Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities
Posing as recruiters on online platforms, Chinese intelligence officers target personnel with access to classified or privileged information. The post Five E...
New SHub Stealer Variant Targets Major Browsers and Crypto Wallets
Threat actors have resurfaced with an upgraded SHub stealer for macOS, now branded “Reaper,” and they’re using a stealthy distribution trick that should worr...
Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
A perfect storm of legacy devices, hyper connectivity and human fatigue is bad news for the healthcare sector, warns Cyber Salus
Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart...
Zero-Click Agentic AI Attack Bypasses Human Oversight
Taxonomy of Failure Modes in Agentic AI Systems v2.0 published in April 2026, the field received more than a classification update: it got operational guidan...
Photos: Infosecurity Europe 2026
Infosecurity Europe 2026 is a cybersecurity event that took place from June 2 to 4 in London. Help Net Security was on-site and here’s a closer look at the c...