Help Net Security

Hacker with a special interest in breaching sports institutions ends behind bars

Sinisa Markovic — Thu, 23 Apr 2026 14:13:37 +0000

French police have arrested a suspected hacker linked to a series of data breaches affecting organizations in the country. Citing authorities, Le Parisien reported that the suspect, a 20-year-old man using the alias ‘HexDex,’ was taken into custody on April 22, 2026, in the Vendée region, western France. The suspect admitted to using the alias ‘HexDex,’ which he used to claim the leaks online and repost the data on forums such as BreachForum and Darkforum, … More →

The post Hacker with a special interest in breaching sports institutions ends behind bars appeared first on Help Net Security.

IP Fabric MCP server adds governance and control to enterprise AIOps workflows

Industry News — Thu, 23 Apr 2026 13:00:12 +0000

IP Fabric has launched a new Model Context Protocol (MCP) server that removes key barriers to enterprise AIOps adoption, combining secure in-platform deployment with a built-in prompt library for network operations. While MCP servers and AI integrations are increasingly common, most fall short in enterprise environments where security, control and trusted data are non-negotiable. IP Fabric eliminates these barriers to enterprise AIOps adoption with a purpose-built solution that delivers a practical and governed path to … More →

The post IP Fabric MCP server adds governance and control to enterprise AIOps workflows appeared first on Help Net Security.

Aqua Compass MCP server enables real-time investigation and containment of runtime threats

Industry News — Thu, 23 Apr 2026 12:48:19 +0000

Aqua Security has announced Aqua Compass, a Model Context Protocol (MCP) server that enables agentic investigation, containment and remediation of runtime incidents, and new runtime risk dashboards. These capabilities help security teams move beyond identifying risk and focus on containing threats in running applications. The announcement builds on Aqua’s Secure AI capabilities, extending the company’s AI innovation from protecting AI applications to applying AI directly to runtime security operations. Cloud native development and AI-generated code … More →

The post Aqua Compass MCP server enables real-time investigation and containment of runtime threats appeared first on Help Net Security.

Google brings instant email verification to Android, no OTP needed

Anamarija Pogorelec — Thu, 23 Apr 2026 12:01:20 +0000

Google has introduced cryptographically verified email credentials for Android through the Credential Manager API. This API aligns with the W3C Digital Credential API standard. It provides a unified way for apps to request and retrieve user credentials for authentication and authorization. “By integrating the new verified email via the Credential Manager API, you can reduce onboarding friction and provide a more streamlined and secure authentication flow. This reflects a shift toward a future where verification … More →

The post Google brings instant email verification to Android, no OTP needed appeared first on Help Net Security.

If cyber espionage via HDMI worries you, NCSC built a device to stop it

Sinisa Markovic — Thu, 23 Apr 2026 11:16:41 +0000

A new cybersecurity device developed by the National Cyber Security Centre (NCSC) should be a helpful solution for protecting governments and businesses from malicious activity carried through display connections. Called SilentGlass, the plug-and-play tool is designed to protect HDMI and DisplayPort links from potential cyberattacks. The NCSC warns that monitors are an attractive target for cyber attackers as they can process and store sensitive data, and are highly likely to be exploited to gain access … More →

The post If cyber espionage via HDMI worries you, NCSC built a device to stop it appeared first on Help Net Security.

Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950)

Zeljka Zorz — Thu, 23 Apr 2026 11:15:27 +0000

Apple has rolled out security updates for iPhones and iPads that fix CVE-2026-28950, a logging issue in Notification Services that made devices unexpectedly retain notifications marked for deletion. The vulnerability was patched following a recent report about the FBI accessing a suspect’s Signal message notification content on their iPhone, despite Signal being deleted from the device. As usual, Apple did not offer more details about the flaw; it just said that the issue was addressed … More →

The post Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) appeared first on Help Net Security.

GopherWhisper APT group hides command and control traffic in Slack and Discord

Anamarija Pogorelec — Thu, 23 Apr 2026 09:00:10 +0000

Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied it to an intrusion at a Mongolian governmental entity. The name draws on two elements: most of the group’s tooling … More →

The post GopherWhisper APT group hides command and control traffic in Slack and Discord appeared first on Help Net Security.

OpenAI tackles a bad habit people have when interacting with AI

Sinisa Markovic — Thu, 23 Apr 2026 08:42:44 +0000

Since people tend to paste personal data into AI tools such as ChatGPT, OpenAI has released Privacy Filter, an open-weight model designed to detect and redact personally identifiable information (PII) in text. The model is available under the Apache 2.0 license on Hugging Face and GitHub. “This release is part of our broader effort to support a more resilient software ecosystem by providing developers with practical infrastructure for building with AI safely, including tools and … More →

The post OpenAI tackles a bad habit people have when interacting with AI appeared first on Help Net Security.

A year in, Zoom’s CISO reflects on balancing security and business

Mirko Zorz — Thu, 23 Apr 2026 05:30:34 +0000

In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business strategy, and what she heard from engineers, the board, and customers during her early months. McLeod discusses how she prepared for incident management, the dual job of handling crises and explaining them afterward, and her experience as a woman in technical leadership at Zoom. She closes with … More →

The post A year in, Zoom’s CISO reflects on balancing security and business appeared first on Help Net Security.

Scenario: Open-source framework for automated AI app red-teaming

Mirko Zorz — Thu, 23 Apr 2026 05:00:54 +0000

Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that runs automated red-team exercises against AI agents using multi-turn attack techniques that mirror how adversaries operate in the wild. Multi-turn attacks replace single-shot testing Single-prompt penetration tests have long been the standard approach for probing LLMs. Models often hold firm against a … More →

The post Scenario: Open-source framework for automated AI app red-teaming appeared first on Help Net Security.