Blog

Fortinet enhances SecOps with cloud SOC, AI automation, and managed services

Fortinet has announced major innovations across the Fortinet Security Operations (SecOps) Platform. The updates feature next-generation SecOps advancements, including expanded agentic AI capabilities, a preview of FortiSOC, managed services, and endpoint security enhancements delivered through FortiEndpoint. “As attackers weaponize AI to accelerate reconnaissance, exploit development, and social engineering, security operations must function with the same speed and coordination. Fortinet is advancing a unified, AI-powered security operations platform that provides a scalable operating architecture across our … More → The post Fortinet enhances SecOps with cloud SOC, AI automation, and managed services appeared first on Help Net Security.
http://news.poseidon-us.com/TRPnd7

Mend.io eliminates AI prompt weaknesses before production

Mend.io has launched System Prompt Hardening within Mend AI to detect, score, and automatically remediate weaknesses in AI system prompts. Hidden instructions in system prompts have emerged as a growing security concern that traditional AppSec tools do not fully address. System Prompt Hardening provides instant visibility into these behind-the-scenes instructions, identifies weaknesses, and automatically strengthens prompt logic to reduce risk before applications reach production. Powered by Mend.io’s proprietary AI Weakness Enumeration (AIWE), a framework modeled … More → The post Mend.io eliminates AI prompt weaknesses before production appeared first on Help Net Security.
http://news.poseidon-us.com/TRPlqr

Messenger can warn you about sketchy links without knowing what you clicked

Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source: Meta) “In its standard setting, Safe Browsing uses on-device models to analyze malicious links shared in chats. But we’ve extended this further with an advanced setting called Advanced Browsing Protection (ABP) that leverages a continually updated watchlist of … More → The post Messenger can warn you about sketchy links without knowing what you clicked appeared first on Help Net Security.
http://news.poseidon-us.com/TRPlqV

HR, recruiters targeted in year-long malware campaign

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this campaign have managed to keep their activity largely under the radar. “We currently lack telemetry to determine how widespread the campaign is,” Aditya K. Sood, Aryaka’s VP of Security Engineering & AI Strategy, told Help … More → The post HR, recruiters targeted in year-long malware campaign appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg18

Microsoft flips Windows Autopatch to default hotpatch security updates

Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is a Microsoft-managed service that automates updates for Windows and Office. It also lets IT administrators pause updates and roll them back if devices fail to meet performance targets after installation. Introduced about a year ago, … More → The post Microsoft flips Windows Autopatch to default hotpatch security updates appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg17

Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts

Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign has been running since the end of February and possibly earlier. “In one observed case, the operator authenticated to a compromised AWS account within 20 minutes of credential submission,” the researchers noted. Fake AWS security … More → The post Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TRPg0C

Terra Portal adds human-governed AI to live production pentesting

Terra Security has announced the launch of Terra Portal, its agentic desktop app that serves as an execution layer for pentesters to direct and oversee AI-driven testing in live production environments. Terra Portal reduces the discovery-to-fix cycle for vulnerabilities from the industry average of nearly three months to a matter of hours without sacrificing safety or compliance. As a result, customers can now remediate critical findings well within the Cybersecurity and Infrastructure Security Agency’s (CISA) … More → The post Terra Portal adds human-governed AI to live production pentesting appeared first on Help Net Security.
http://news.poseidon-us.com/TRPZc5