<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Help Net Security</title>
	<atom:link href="https://www.helpnetsecurity.com/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.helpnetsecurity.com/</link>
	<description>Daily information security news with a focus on enterprise security.</description>
	<lastBuildDate>Mon, 13 Jul 2026 16:34:55 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.9.4</generator>

<image>
	<url>https://img.helpnetsecurity.com/wp-content/uploads/2019/09/09093400/cropped-hns2-32x32.png</url>
	<title>Help Net Security</title>
	<link>https://www.helpnetsecurity.com/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Hackers breach Lidl&#8217;s IT service provider, steal customer data</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/lidl-data-breach-customer-data/</link>
		
		<dc:creator><![CDATA[Sinisa Markovic]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 16:34:55 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[breach]]></category>
		<category><![CDATA[data breach]]></category>
		<category><![CDATA[retail]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377668</guid>

					<description><![CDATA[<p>German discount supermarket chain Lidl has notified customers in Germany, Belgium, and the Netherlands that customer data was stolen after attackers breached one of its IT service providers. In notices published on its support websites in Belgium and the Netherlands, Lidl said it was informed of the incident last week. “Despite high IT security standards, unidentified individuals were briefly able to access a separately stored file containing customer data and steal some of it. The &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/lidl-data-breach-customer-data/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/lidl-data-breach-customer-data/">Hackers breach Lidl&#8217;s IT service provider, steal customer data</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>EU and UK blacklist Russia&#8217;s cyber operators over efforts to destabilize Europe</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/eu-uk-russia-cyber-activity-sanctions/</link>
		
		<dc:creator><![CDATA[Sinisa Markovic]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 14:52:51 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[cyber espionage]]></category>
		<category><![CDATA[EU]]></category>
		<category><![CDATA[Russian Federation]]></category>
		<category><![CDATA[UK]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377638</guid>

					<description><![CDATA[<p>The EU and the UK jointly sanctioned dozens of Russian individuals and entities, accusing Moscow of coordinating a malicious cyber ecosystem targeting Europe, its member states, and international partners. The UK sanctioned 24 individuals and entities, while the EU imposed restrictive measures on nine individuals and four entities. &#8220;Cybercriminals, self-proclaimed hacktivists and private companies linked to Russia, including actors operating under its instructions, direction or control, have also carried out, enabled and facilitated a wide &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/eu-uk-russia-cyber-activity-sanctions/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/eu-uk-russia-cyber-activity-sanctions/">EU and UK blacklist Russia&#8217;s cyber operators over efforts to destabilize Europe</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Tidal Cyber connects assets, vulnerabilities, and threats through Threat-Led Defense</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/tidal-cyber-threat-led-asset-visibility/</link>
		
		<dc:creator><![CDATA[Industry News]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 13:44:39 +0000</pubDate>
				<category><![CDATA[Industry news]]></category>
		<category><![CDATA[Tidal Cyber]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377631</guid>

					<description><![CDATA[<p>Tidal Cyber has announced Threat-Led Asset Visibility and Vulnerability Prioritization, new innovations extending the company&#8217;s Threat-Led Defense platform. The announcement marks a significant advancement in defensive security, shifting the industry beyond static asset inventories, CVSS scoring, and disconnected exposure management toward an execution-centric model built on how adversaries actually execute attacks across the kill chain. At Tidal Cyber, adversary procedures are not another data point. They are the organizing principle that connects threats, assets, vulnerabilities, &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/tidal-cyber-threat-led-asset-visibility/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/tidal-cyber-threat-led-asset-visibility/">Tidal Cyber connects assets, vulnerabilities, and threats through Threat-Led Defense</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Cloudflare Precursor uses continuous behavioral analysis to stop advanced bots</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/cloudflare-precursor/</link>
		
		<dc:creator><![CDATA[Industry News]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 13:28:04 +0000</pubDate>
				<category><![CDATA[Industry news]]></category>
		<category><![CDATA[Cloudflare]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377622</guid>

					<description><![CDATA[<p>Cloudflare has announced the general availability of Precursor, a next-generation, continuous behavioral validation engine for bot management. Precursor runs seamlessly inside web browsers to monitor entire user sessions in order to detect bot automation. Unlike static CAPTCHAs, it analyzes ongoing interactions in real time to catch advanced bots, improving detection precision without interrupting legitimate users. For the first time, automated bot traffic has eclipsed human activity on the Internet, now generating roughly 57% of all &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/cloudflare-precursor/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/cloudflare-precursor/">Cloudflare Precursor uses continuous behavioral analysis to stop advanced bots</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Lumen expands managed detection and response with Cortex XSIAM integration</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/lumen-defender-amdr/</link>
		
		<dc:creator><![CDATA[Industry News]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 13:17:25 +0000</pubDate>
				<category><![CDATA[Industry news]]></category>
		<category><![CDATA[Lumen]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377609</guid>

					<description><![CDATA[<p>Lumen Technologies has announced Lumen Defender Advanced Managed Detection and Response (AMDR) for Palo Alto Networks Cortex XSIAM. Attackers are increasingly operating earlier in the lifecycle while AI is accelerating threat speed. This expanded service will bring together Lumen’s managed detection and response capabilities and Lumen Defender Threat Feed powered by Lumen’s Black Lotus Labs network-embedded threat intelligence with Palo Alto Networks Cortex XSIAM AI-driven SOC platform to help enterprises modernize security operations, reduce alert &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/lumen-defender-amdr/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/lumen-defender-amdr/">Lumen expands managed detection and response with Cortex XSIAM integration</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Ransomware negotiator who betrayed clients sentenced to 70 months in prison</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/ransomware-negotiator-blackcat-sentence/</link>
		
		<dc:creator><![CDATA[Sinisa Markovic]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 12:22:17 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[US DoJ]]></category>
		<category><![CDATA[USA]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377579</guid>

					<description><![CDATA[<p>A former ransomware negotiator at incident response firm DigitalMint has been sentenced to 70 months in prison after admitting he shared confidential client information with the BlackCat ransomware group and later helped carry out ransomware attacks. Prosecutors say Angelo Martino, 41, abused his role at DigitalMint beginning in April 2023 by providing BlackCat operators with sensitive information gathered during ransomware negotiations. The information included victims&#8217; negotiating positions, insurance policy limits, and internal assessments, helping the &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/ransomware-negotiator-blackcat-sentence/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/ransomware-negotiator-blackcat-sentence/">Ransomware negotiator who betrayed clients sentenced to 70 months in prison</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Fake OAuth client IDs are helping attackers slip past sign-in logs</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/entra-id-oauth-client-id-spoofing/</link>
		
		<dc:creator><![CDATA[Mirko Zorz]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 12:10:50 +0000</pubDate>
				<category><![CDATA[Don't miss]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[authentication]]></category>
		<category><![CDATA[credentials]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[Microsoft]]></category>
		<category><![CDATA[Microsoft Entra ID]]></category>
		<category><![CDATA[OAuth]]></category>
		<category><![CDATA[Proofpoint]]></category>
		<category><![CDATA[spoofing]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377563</guid>

					<description><![CDATA[<p>Attackers running account enumeration against Microsoft cloud tenants have added a step that keeps their probing out of the usual telemetry. They spoof the OAuth client ID, the globally unique identifier assigned to an application and passed as client_id in an authentication request. Microsoft Entra ID records that value as the application ID in its sign-in logs, and the way it handles unfamiliar identifiers opens a gap that operators have started to work through. Entra &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/entra-id-oauth-client-id-spoofing/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/entra-id-oauth-client-id-spoofing/">Fake OAuth client IDs are helping attackers slip past sign-in logs</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/progress-sharefile-security-threat/</link>
		
		<dc:creator><![CDATA[Zeljka Zorz]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 11:45:40 +0000</pubDate>
				<category><![CDATA[Don't miss]]></category>
		<category><![CDATA[Hot stuff]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[enterprise]]></category>
		<category><![CDATA[file sharing]]></category>
		<category><![CDATA[Progress]]></category>
		<category><![CDATA[threat]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377565</guid>

					<description><![CDATA[<p>A &#8220;credible external security threat&#8221; targeting Progress Software&#8217;s ShareFile Storage Zone Controllers (SZC) &#8211; the on-premises, customer-managed server components where organizations store files shared via this popular enterprise platform &#8211; has spurred the company to disable access to ShareFile accounts that are using them. The warning was sent to customers via email on July 10, urging them to manually shut down the server that is hosting their Storage Zone Controllers. The initial email alert from &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/progress-sharefile-security-threat/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/progress-sharefile-security-threat/">Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>FastNetMon eliminates third-party bgp lookups with Netomics</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/fastnetmon-netomics/</link>
		
		<dc:creator><![CDATA[Industry News]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 09:27:07 +0000</pubDate>
				<category><![CDATA[Industry news]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377543</guid>

					<description><![CDATA[<p>FastNetMon is introducing Netomics, a self-hosted BGP routing intelligence platform that combines live routing data, registry information, RPKI validation, routing history and AI-assisted querying into a single application. Built for internet service providers (ISPs), cloud providers, Internet Exchange Points (IXPs) and enterprises operating large IP networks, Netomics provides complete visibility into global internet routing without relying on third-party lookup services. Network engineers often need to consult multiple public tools to investigate routing incidents, validate prefix &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/fastnetmon-netomics/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/fastnetmon-netomics/">FastNetMon eliminates third-party bgp lookups with Netomics</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
		<item>
		<title>Claude Code users keep 50% higher limits until July 19</title>
		<link>https://www.helpnetsecurity.com/2026/07/13/claude-code-weekly-limits-promotion-extended/</link>
		
		<dc:creator><![CDATA[Anamarija Pogorelec]]></dc:creator>
		<pubDate>Mon, 13 Jul 2026 09:06:55 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Anthropic]]></category>
		<category><![CDATA[Claude Code]]></category>
		<guid isPermaLink="false">https://www.helpnetsecurity.com/?p=377531</guid>

					<description><![CDATA[<p>Anthropic has extended a limited-time promotion that increases weekly usage limits in Claude Code by 50% through July 19, 2026, at 11:59 PM PT. When the promotion ends, weekly usage limits will return to their standard levels without any changes to users&#8217; plans or billing. The promotion is available to Pro, Max, and Team plans, as well as legacy seat-based users on Enterprise plans. Free plans and consumption-based Enterprise seats are not eligible. What&#8217;s included &#8230; <a href="https://www.helpnetsecurity.com/2026/07/13/claude-code-weekly-limits-promotion-extended/" rel="nofollow">More <span class="meta-nav">&#8594;</span></a></p>
<p>The post <a href="https://www.helpnetsecurity.com/2026/07/13/claude-code-weekly-limits-promotion-extended/">Claude Code users keep 50% higher limits until July 19</a> appeared first on <a href="https://www.helpnetsecurity.com">Help Net Security</a>.</p>
]]></description>
		
		
		
			</item>
	</channel>
</rss>
