Network Security | Breaking Cybersecurity News | The Hacker News

Most of the commentary on Anthropic's Claude Mythos Preview has gone in one of two directions: one camp treats it as the civilizational inflection point, the other as marketing dressed up as a research result. Neither read is particularly useful for a security leader who still has a program to run on Monday. The AISLE team's technical response to the Mythos announcement made a fair point worth sitting with: much of what was demonstrated is recoverable on smaller, open-weight models, particularly on the discovery side. Early testing results of OpenAI's GPT 5.5 show CTF performance close to or slightly superior to Mythos; the exclusivity framing is arguable, but the accelerated model improvement in offensive security is undisputable. The UK AI Security Institute found that Mythos can autonomously execute a complete corporate network takeover, succeeding in 30% of its attempts on a complex attack range — a task AISI estimates would require roughly 20 hours for a human e...

For years, cybersecurity has operated on a simple premise: detect malware, stop the attack. That model is starting to break down. Attackers are no longer relying primarily on malicious files or obvious payloads. Instead, they're increasingly turning to what already exists inside your environment — trusted tools, native binaries, and legitimate administrative utilities. These are used to move laterally, escalate privileges, and maintain persistence, often without triggering traditional security alerts. The problem? Most organizations don't recognize this exposure until after the damage is already done. To better understand how this risk manifests in real environments, Bitdefender offers a complimentary free Internal Attack Surface Assessment — a practical, low-friction way to uncover where trusted tools may be working against you. Here's what's really happening inside modern environments — and why attackers prefer to use your own tools against you. 1. Attacks Are Designed Not to ...

For decades, the firewall was the most trusted enforcement point in enterprise security. Every packet crossed it. Every policy lived on it. If you wanted to secure the network, you started there. Then work moved somewhere the firewall couldn't follow. Today, the average enterprise employee spends most of their day inside a browser — navigating SaaS applications, collaborating in cloud platforms, running queries through AI tools, and sharing files through web interfaces. All of it travels over HTTPS. All of it looks identical at the network layer: port 443, encrypted, and opaque. The firewall sees a connection. It doesn't see a ChatGPT prompt containing customer PII. It doesn't see a browser extension silently harvesting credentials. It doesn't see the SaaS file-sharing that just moved sensitive data outside the organization's control. This is the visibility gap that defines enterprise security in 2026. SSE Was the Right Answer — Deployed the Wrong Way Securi...

For decades, organizations operated under the assumption that vulnerability management could be slotted into predictable maintenance windows. Monthly patch cycles, quarterly review periods, and planned outages became the standard rhythm of IT operations. Yet, in today's environment, where exploit code emerges within hours of a disclosure and attackers weaponize vulnerabilities on an industrial scale, those rhythms are dangerously outdated. The modern reality is that continuous patch management and end-to-end vulnerability lifecycle governance are no longer aspirational, they are the bare minimum. Security must be measured not by the comfort of predictability, but by the ability to remediate as close to real time as possible. The Problem with Periodic Maintenance Windows Exploitation Outpaces Response: exploits are increasingly released at or before vendor patch availability. A monthly or even bi-weekly patch cadence leaves systems exposed during the critical first days when atta...

Enterprises are spending more than ever on DDoS defense, but despite the increased investment, organizations are still suffering damaging downtime. MazeBolt's new DDoS Defense survey , produced in collaboration with Global Surveyz, quizzed 300 CISOs and security directors across the US and Europe, and uncovered some surprising perspectives. The following is a sneak preview from the report. Inside the Survey MazeBolt surveyed senior security leaders at banking, financial services, and insurance companies with between 500 and 25,000 employees and annual revenues of at least $250 million. These are organizations where business continuity is critical and where a single outage can cause severe financial and reputational damage. Attacks Keep Coming – and They're Costly Respondents reported an average of 3.85 damaging DDoS incidents in the past year. 60% said they suffered between 2 and 5 such attacks. Larger companies faced the most serious consequences, with enterprises of more than 1...

As hybrid and multi-cloud environments become the standard, organizations are under growing pressure to deliver scalable and secure remote access. Traditionally, Virtual Private Networks (VPNs) have been the go-to solution for connecting remote users to corporate networks. While VPNs have been essential for remote access, they were originally designed for simpler, perimeter-based security models. Organizations that rely solely on VPNs face significant limitations, including weak access control, increased risk of lateral movement and poor visibility. Continue reading to learn the limitations of VPN-based access and how KeeperPAM® provides a strong, modern alternative for securing remote access. Why VPNs are no longer enough Although VPNs have been used to enable remote access within organizations, the limitations of VPNs are becoming increasingly clear as IT environments span across multiple on-premises, hybrid and remote systems. Relying on VPN-based access alone can actually make ...

These days, there are plenty of ways to run DDoS simulation testing and make sure you're protected against attacks. You can do it on your own using commercial software or open-source tools—whatever works best for you. That said, there are a few must-haves when it comes to running DDoS tests. For one, you'll need a platform that allows you to easily start and stop attack simulations as needed. Plus, don't forget to notify and get approval from relevant parties, such as your cloud provider or tool vendor, before you begin testing. Beyond these basics, there are some best practices that can help you get the most out of your  DDoS testing . 1 – Plan tests to validate the protection of your most critical assets  While it may be easier to run black box testing (basically launching attacks without looking at the internal structure, architecture, and configuration of your protection), a white box testing approach is much more effective when it comes to uncovering serious vulnera...

The past year has marked a decisive shift in the way Distributed Denial-of-Service (DDoS) attacks operate. DDoS used to mean, simply speaking, the overwhelming of targets with massive amounts of traffic. But now, DDoS attacks have evolved into precision-guided threats – and this transformation can be partly attributed to AI.  The acceleration is measurable. In the first quarter of 2025 alone, DDoS incidents surged by 358 percent compared to the same period in 2024, according to Cloudflare. Even more concerning, the proportion of attacks that caused actual production downtime rose by 53 percent. This is not just a spike. It is a sign that attackers are fundamentally changing how DDoS campaigns are planned, launched, and adapted in real time. The consequences are significant: organizations that rely on legacy DDoS defenses or irregular testing methods are finding themselves exposed, often without knowing it. How Attackers are Enhancing DDoS Attacks DDoS attacks historically reli...

Sub: GenAI is here to stay. The organizations that thrive will be those that understand its risks, implement the right safeguards, and empower their employees to harness it safely and responsibly. For many people, generative AI (GenAI) began as personal experimentation in homes and on personal devices. Now, however, AI has become deeply ingrained in workplace habits, creating productivity gains, but also exposing organizations to significant security gaps. Sensitive company data, inadvertently or otherwise, regularly finds its way into public AI systems, leaving IT and cybersecurity leaders scrambling to respond. Once proprietary data is processed by a public AI tool, it may become part of the model's training data, serving other users down the line. For example, in March 2023, a multinational electronics manufacturer was reported to have experienced several incidents of employees entering confidential data, including product source code, into ChatGPT. Generative AI applications, su...

With thousands of endpoints, cloud instances, remote users, and third-party integrations, securing the enterprise has become a massive target. Each change in the IT environment - whether driven by digital transformation, M&A activity, or routine system updates - creates new opportunities for adversaries to leverage. Yet, the network is the backbone of business operations. It must always be available to support production, collaboration, and growth.  In this article, we'll explore the specific challenges large enterprises face when validating their security posture and how leading security teams are evolving their testing strategies to match the scale, speed, and sophistication of large, multi-faceted IT networks.  The Challenges of Validating Enterprise Network Security Enormous attack surface - In large enterprises, the attack surface spans countless assets across on-prem, cloud, and hybrid environments, making comprehensive security validation incredibly complex. Ac...