Help Net Security

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

January 28, 2026 add comment
Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited... Read more »

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

January 27, 2026 add comment
A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security... Read more »

Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS

January 27, 2026 add comment
Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage governance across the enterprise, including... Read more »

NICE Actimize Insights Network combats fraudulent transfers

January 27, 2026 add comment
NICE Actimize launched Actimize Insights Network, an intelligence network designed to give financial institutions real-time visibility into counterparty risk. Leveraging insights from its Fraud and Financial Crime network, the... Read more »

HackerOne brings Agentic PTaaS to continuous, expert-validated pentesting

January 27, 2026 add comment
HackerOne announced Agentic Pentest as a Service (Agentic PTaaS), delivering continuous security validation by combining autonomous agent execution with human expertise to ensure every finding reflects exploitable risk that... Read more »

Microsoft brings AI-powered investigations to security teams

January 27, 2026 add comment
Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak investigations, credential exposure,... Read more »

AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints

January 27, 2026 add comment
Amazon Web Services has added IPv6 support to IAM Identity Center through new dual-stack endpoints. The update allows identity services to operate over IPv6 networks while continuing to support... Read more »

NETSCOUT adds Wi-Fi 7 observability and real-time SSL certificate monitoring

January 27, 2026 add comment
NETSCOUT announced new capabilities that further enhance its observability solutions to address critical gaps in remote site management and risks stemming from expired SSL/TLS certificates. New nGeniusONE solution enhancements... Read more »

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)

January 27, 2026 add comment
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild in zero-day... Read more »

Zscaler expands AI security capabilities to deliver visibility, control, and governance

January 27, 2026 add comment
Zscaler has announced new AI security innovations designed to empower enterprises to secure the fast growing use of AI, while maintaining visibility, control, and governance. As organizations adopt generative... Read more »
Subscribe to our Newsletter