AI generated scams and phishing in 2026
Monday, January 5, 2026 by Austin Harris
David Stonehill, CTO, NetLib Security offers his insight into what 2026 will hold for us in the way of AI scams.
By 2026, AI-generated scams and phishing will be virtually indistinguishable from legitimate apps, storefronts, and communications making detection alone unreliable. App developers will need to design for breach resilience using MFA, passkeys, AI-driven se...
Airline data breach hits WestJet exposing over 1M passengers
Thursday, October 30, 2025 by Russ Scritchfield
Canada’s second-largest airline, WestJet, disclosed that a data breach earlier this year compromised the personal information of approximately 1.2 million passengers. The airline reported the incident in a filing with Maine’s attorney general, confirming that 240 residents in the state were affected.
Details of the information compromised
The informati...
Russian airport hacked as St. Petersburg website reports cyberattack
Monday, October 6, 2025 by Trey Abbe
Pulkovo airport, the primary international gateway for St. Petersburg, reported that its official website had been compromised in a cyberattack. The airport serves millions of passengers annually, making secure digital operations essential for timely flight information and passenger services. Officials confirmed that the attack temporarily disrupted access to the websit...
Push for FTC to Investigate Microsoft
Monday, September 22, 2025 by Austin Harris
U.S. Senator Ron Wyden has formally requested the Federal Trade Commission to examine Microsoft for what he describes as significant cybersecurity shortcomings. The request cites repeated security incidents and raises questions about the company’s role in safeguarding critical infrastructure.
Senator highlights cybersecurity risks
In a letter addressed to FT...
Salesforce data breach linked to Tenable via Salesloft Drift
Friday, September 12, 2025 by Richard Harris
A recent Salesforce data breach involving the Salesloft Drift integration has affected multiple organizations, including cybersecurity company Tenable. The company confirmed that limited customer contact and support case data were exposed but emphasized that no core product data was compromised.
Scope of exposed information
Tenable reported that information access...
Hackers steal cryptocurrency using fake job offers report reveals
Tuesday, September 9, 2025 by Trey Abbe
A recent investigation reveals that North Korean hacking groups are using elaborate fake job offers to steal cryptocurrency from blockchain professionals and investors. The scams, identified in a joint report by cybersecurity firms SentinelOne and Validin, include posing as recruiters for major crypto companies and directing applicants to download malicious software or ...
Salesforce breach let hackers steal Google customer data
Monday, August 25, 2025 by Richard Harris
In June, one of Google’s corporate Salesforce instances was affected by activity consistent with the UNC6040 campaign described in the post. Google responded by conducting an impact analysis and implementing mitigation steps. The affected instance stored contact information and related notes for small and medium-sized businesses. Investigators confirmed that data ...
KNP ransomware attack
Wednesday, August 6, 2025 by Russ Scritchfield
One of the UK's oldest transport companies, KNP Logistics Group, collapsed under the weight of a ransomware attack that began with a single guessed password. The company, founded in 1865 and known primarily through its “Knights of Old” fleet, had survived world wars, economic upheavals, and generational shifts in the freight industry. But it could not su...
CoinDCX launches bounty after security breach
Friday, August 1, 2025 by Richard Harris
CoinDCX, one of the largest cryptocurrency exchanges in India, has issued an official statement following a sophisticated security incident on July 19, 2025, which affected one of its internal operational accounts used solely for liquidity provisioning on a partner exchange. The company emphasized that no customer funds were impacted and that all assets remain secure in...
DataKrypto launches new AI models
Friday, May 9, 2025 by Richard Harris
DataKrypto launched a new solution that protects AI models and the data of businesses using them. Based on the company’s patented FHE technology, the solution, FHEnom for AI, addresses a critical security gap and delivers unprecedented AI protection.
FHEnom for AI is a zero-knowledge framework that safeguards both customized open-source AI models (adapted for s...
NetLib Security predictions 2025
Thursday, January 2, 2025 by Richard Harris
The leading prediction for 2025 will sound familiar: Generative AI directly affects your privacy rights. In many ways, this is a twist on the typical cybersecurity problem. Rather than a hacker or a bad actor breaking in to steal your data, we are being asked to hand our keys to the companies we often trust the most: Microsoft, Apple, Dropbox, and Google!
NetLib Secu...
DevOps threats report released from GitProtect io
Monday, August 12, 2024 by Brittany Hainzinger
Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities,
and, as a result, data loss are the reality that DevSecOps teams have to face...even every
few days.
The State of DevOps threats report - teams affected every few days
GitProtect.io recently presented its studies on the most severe incidents affecting tools like GitHub...
Developers and brands must make mobile apps far more secure
Tuesday, January 17, 2023 by Austin Harris
The bad guys are still breaking digital windows and kicking down digital doors, so to speak, and will continue well into 2023 and beyond!
Consumers through experience or gut instinct will demand that their mobile app providers deliver key security features including trying to stop the increasingly prevalent "man-in-the-middle" attacks. The latest techn...
Protecting source code
Wednesday, October 6, 2021 by Nigel Thorpe
Earlier this year, EA (Electronic Arts), reported a cyberattack and the theft of some 780GB of source code for games such as FIFA 21 and the proprietary Frostbite game engine used for many other high-profile games such as Battlefield. The threat actors responsible for the EA data breach put the stolen data up for sale on an underground hacking forum for $28 million, pro...
SnykCon 2021 event lineup
Friday, September 24, 2021 by Randall Degges
We're only a few weeks away from SnykCon 2021, Snyk's free annual developer conference that helps you learn how to build applications securely running October 5-7. We have a packed agenda full of expert talks, hands-on workshops, helpful demos, product roadmaps, opportunities to interact with some of the smartest speakers and leaders of developer security i...
Faster customer integrations from HackerOne
Thursday, July 29, 2021 by Austin Harris
Tray.io has announced that HackerOne is using Tray Embedded to develop and deliver powerful customer integrations at scale. With Tray Embedded, HackerOne quadrupled its integration delivery speed to maximize developer efficiency and reduce the integration maintenance burden. Armed with seamless integrations, HackerOne customers can spend less time context-switching...
Not all security vulnerabilities are created equal
Tuesday, May 25, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...
Six areas of focus for continuous security
Friday, April 16, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...
Denuvo has joined the PlayStation 5 Tools and Middleware program
Wednesday, March 10, 2021 by Brittany Hainzinger
As security and innovation collide, Denuvo by Irdeto announces it has joined the exclusive PlayStation®5 Tools and Middleware program. Denuvo offers its Anti-Cheat solution through this program to publishers and developers whose games are available on PlayStation®5.
Denuvo is at the forefront of games security with over 2 billion unique game installs pro...
DevSecOps will go mainstream this year
Tuesday, January 26, 2021 by Richard Harris
Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...
5 mistakes businesses make in application development
Friday, October 23, 2020 by Mayur S Shah
5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development
Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...
HackNotice announces threat intelligence platform
Friday, September 18, 2020 by Brittany Hainzinger
HackNotice announced the launch of HackNotice Teams, a cybersecurity management platform powered by actionable threat intelligence and an industry solution to foster a company-wide culture of security. Built on HackNotice Premium’s technology, HackNotice Teams scours the dark web to alert employees of vulnerabilities, compromised information, and data breaches in ...
Datagran launches no-code platform
Tuesday, July 14, 2020 by Brittany Hainzinger
Datagran introduced its flagship platform. Designed to empower developers and growth hackers within data intensive companies, the Datagran platform allows companies to accelerate time-to-market for existing and new products and reduce the total number of tools needed to meet their business goals - without the need to write code and build APIs.
Many companies today ar...
One Identity Safeguard now supports Microsoft SQL Server
Friday, May 1, 2020 by Brittany Hainzinger
One Identity announced that its One Identity Safeguard solution now supports Microsoft SQL Server 2017 and SQL Server 2019 database environments. Microsoft was positioned as a Leader in the 2019 Gartner Magic Quadrant for Operational Database Management Systems*. With One Identity Safeguard, organizations can for the first time securely manage, monitor, record and audit...
To encrypt or not encrypt legacy devices no longer a choice
Thursday, March 19, 2020 by Austin Harris
Encryption forms a strong layer of protection for our data and a last line of defense against cybercrime. By deploying encryption, users can render their data unreadable if it is compromised. Whether that means hackers intruding into the network, or an employee unwittingly exposing sensitive information, the data will be useless to any unauthorized agents who happe...
Dangers of quantum hacking
Tuesday, February 11, 2020 by Richard Harris
Active Cypher has built a password-hacking quantum computer to demonstrate the dangers of quantum hacking.
Using $600 worth of hardware parts easily purchased online or at a local electronics store, Active Cypher’s founder and CTO, Dan Gleason, created a portable quantum computer dubbed QUBY (named after qubits, the basic unit of quantum information). QUBY runs...
Microsoft DART team tracks 77k active web shells
Thursday, February 6, 2020 by Brittany Hainzinger
In a blog post promoting the capabilities of its commercial security platform, Microsoft said that on a daily basis the company's security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers.
According to ZDNet, these numbers are staggering, since the 77,000 figure is far larger than any previous reports about...
StrandHogg Android vulnerability identified
Thursday, December 5, 2019 by Austin Harris
Promon, a Norwegian app security company, has identified tangible evidence of a dangerous Android vulnerability that allows malware to pose as any legitimate app, granting hackers access to private SMS’ and photos, steal victims’ log-in credentials, track movements, make and/or record phone conversations, and spy through a phone’s camera and microphone...
Threat of quantum computing hackathon to award $100,000
Monday, November 25, 2019 by Richard Harris
Communique Laboratory Inc. launched its quantum hackathon tackling the threat of quantum computing. Cybersecurity companies, computer science students and hackers have begun challenging the Company’s ‘quantum-safe’ encryption in a $100,000 hackathon.
The Company hosted an innovation celebration event with technology presentations from industry...
API Manager 3 from WSO2 released
Monday, November 18, 2019 by Richard Harris
APIs are the essential building blocks of digital businesses—assembling data, events and services from within the organization, throughout ecosystems, and across devices. This is driving new demands for organizations to create and monetize APIs and API products; maximize adoption and reuse across internal and external portals and API marketplaces; and ensure API s...
What Render announced at TechCrunch Disrupt SF's Startup Battlefield
Thursday, October 3, 2019 by Austin Harris
Render announced three major additions to its platform - Disks, Infrastructure as Code in the form of render.yaml and Deploy To Render button - onstage at TechCrunch Disrupt SF’s Startup Battlefield. Startup Battlefield showcases the most promising early-stage and fundamentally disruptive startups.
When it comes to hosting applications in the cloud, developers ...
IBM's z15 launches with Data Privacy Passports
Friday, September 13, 2019 by Austin Harris
Against a backdrop of global privacy breaches, with the cost of each security breach in the U.S. clocking in on avg $8.2 million, IBM launched "z15", the enterprise platform that delivers the ability to fully manage the privacy of customer data across hybrid and multi-cloud environments.
As part of the launch, IBM is announcing Data Privacy Passports, ...
AIPowered protection for APIs
Thursday, June 20, 2019 by Richard Harris
The proliferation of APIs catalyzed by digital transformation initiatives is viewed as a virtual goldmine by hackers, who are hijacking tokens, cookies and keys, as well as targeting weaknesses in individual APIs. And all too often, static security controls fail to stop these attacks. Now, WSO2 and Ping Identity have partnered to protect APIs against cyber-attacks by co...
Acronis gives developers early access to new cyber platform
Monday, April 29, 2019 by Brittany Hainzinger
Acronis announced the opening of its core platforms, enabling broad, third-party developer access to the Acronis Cyber Platform to encourage expanded functionality and application integrations while expanding their opportunities in Acronis’ large ecosystem.
The Acronis Cyber Platform, which is the foundation of the company’s existing services, features a ...
WordPress plugin vulnerabilities are a hackers playground
Wednesday, April 10, 2019 by Bryan Becker
What do TechCrunch, BBC America, PlayStation and MTV News all have in common?
Each of their websites is powered by WordPress.
Over 74.6 million, or roughly 30 percent, of the world’s websites, depend on WordPress to power their online platforms. Every second there are over six new WordPress.com posts and over 47,000 plugins, with the number growing daily. Wh...
