Help Net Security

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)

Zeljka Zorz — Fri, 20 Mar 2026 13:21:35 +0000

A critical vulnerability (CVE-2026-20131) in Cisco Secure Firewall Management Center (FMC) that Cisco disclosed and patched in early March 2026 has been exploited as a zero-day by the Interlock ransomware gang, Amazon CISO and VP of Security Engineering CJ Moses revealed. “Our research [using Amazon’s MadPot system of honeypots] found that Interlock was exploiting this vulnerability 36 days before its public disclosure, beginning January 26, 2026,” he said on Wednesday. CVE-2026-20131 exploited as zero-day for … More →

The post Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) appeared first on Help Net Security.

Google slows Android sideloading to trip up scammers

Anamarija Pogorelec — Fri, 20 Mar 2026 12:37:31 +0000

Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at experienced users and allows sideloading through a controlled, one-time setup. It addresses scam scenarios where attackers pressure individuals to install malicious software. In these cases, scammers often stay on the phone and guide victims step by step, pushing them to bypass security warnings and disable protections before they can pause or … More →

The post Google slows Android sideloading to trip up scammers appeared first on Help Net Security.

Terminated contract led to $2.5 million cyber extortion scheme

Sinisa Markovic — Fri, 20 Mar 2026 12:24:12 +0000

A federal jury convicted Cameron Curry, 27, a Charlotte resident, of carrying out an extensive cyber extortion scheme targeting a Washington, D.C.-based international technology company. He faces up to two years in prison on each of the six charges. Curry, who worked as a data analyst for about six months with the victim company and had access to its data files and internal personnel and corporate information, began the scheme after learning his contract would … More →

The post Terminated contract led to $2.5 million cyber extortion scheme appeared first on Help Net Security.

Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis

Industry News — Fri, 20 Mar 2026 10:50:44 +0000

Rapid7 has unveiled new cloud security capabilities within Exposure Command. The introduction of runtime validation and Data Security Posture Management (DSPM) enables organizations to identify, validate, and prioritize exploitable risks based on real-world attack paths and business impact. As organizations scale hybrid and multi-cloud environments, security programs must move beyond reactive models built on assessment alone. With runtime validation and DSPM, Rapid7 advances Exposure Command from continuous assessment to continuous validation, enabling proactive exposure reduction … More →

The post Rapid7 enhances Exposure Command with runtime validation and DSPM for risk analysis appeared first on Help Net Security.

Authorities disrupt four IoT botnets behind record DDoS attacks

Sinisa Markovic — Fri, 20 Mar 2026 10:38:21 +0000

The U.S. Justice Department and international partners have disrupted four IoT botnets linked to DDoS attacks that reached 30 terabits per second, among the largest ever recorded.

The post Authorities disrupt four IoT botnets behind record DDoS attacks appeared first on Help Net Security.

Fake AI songs streamed billions of times, netting fraudster $10 million

Anamarija Pogorelec — Fri, 20 Mar 2026 10:17:06 +0000

Michael Smith, 54, of Cornelius, North Carolina, has pleaded guilty in federal court to running a scheme that exploited music streaming platforms and diverted royalty payments from artists. He admitted to one count of conspiracy to commit wire fraud, which carries a maximum sentence of five years in prison, and agreed to forfeit $8,091,843.64. According to U.S. Attorney for the Southern District of New York Jay Clayton, Smith used AI to generate hundreds of thousands … More →

The post Fake AI songs streamed billions of times, netting fraudster $10 million appeared first on Help Net Security.

Unpatched ScreenConnect servers open to attack (CVE-2026-3564)

Zeljka Zorz — Fri, 20 Mar 2026 09:37:55 +0000

ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform is popular with managed service providers, IT departments, and technology solution providers. They can opt for the cloud-hosted version or can deploy it on their own servers or in their private cloud. CVE-2026-3564 stems from improper verification of cryptographic signature, can be exploited remotely … More →

The post Unpatched ScreenConnect servers open to attack (CVE-2026-3564) appeared first on Help Net Security.

Semgrep Multimodal brings AI reasoning and rule-based analysis to code security

Industry News — Fri, 20 Mar 2026 07:47:21 +0000

Semgrep announced Semgrep Multimodal, a system that combines AI reasoning with rule-based analysis for detection, triage, and remediation. Its detection finds up to 8x more true positives while cutting noise by 50% compared to foundation models alone, and has already discovered dozens of zero-days at customers. Multimodal is built on Semgrep Workflows, a framework for autonomous code security – using deterministic tools and AI so security teams can encode their processes once and scale them … More →

The post Semgrep Multimodal brings AI reasoning and rule-based analysis to code security appeared first on Help Net Security.

ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption

Industry News — Fri, 20 Mar 2026 07:39:47 +0000

ConductorOne has announced its AI Access Management product extension, a unified control plane for managing access to AI tools, agents, and MCP connections across the enterprise. The platform enables organizations to accelerate AI adoption while maintaining full visibility, policy enforcement, and compliance. As AI tools proliferate across the enterprise, organizations face a critical challenge: 75% of knowledge workers use AI tools today, and 78% bring their own, creating massive shadow AI risk. Meanwhile, only 18% … More →

The post ConductorOne unveils AI Access Management to accelerate secure, compliant AI adoption appeared first on Help Net Security.

Bonfy ACS 2.0 helps organizations control data use in AI environments

Industry News — Fri, 20 Mar 2026 07:28:46 +0000

Bonfy.AI announced Bonfy Adaptive Content Security (Bonfy ACS) 2.0, a platform built to secure enterprise content across all systems, applications, and AI agents – anywhere data moves, resides, or is processed. As organizations race to deploy copilots, custom AI apps, and increasingly autonomous AI agents, security leaders are struggling with blind spots around how these systems access, transform, and share sensitive data, gaps that legacy DLP and DSPM tools were never designed to handle. By … More →

The post Bonfy ACS 2.0 helps organizations control data use in AI environments appeared first on Help Net Security.