News – Help Net Security

Meta has expanded its Teen Accounts 13+ content settings globally on Instagram, Facebook, and Messenger. The safeguards are designed to help young users see age-appropriate content by default. The company also introduced Limited Content on Instagram for parents seeking stricter restrictions. Meta plans to roll out the feature on Facebook and Messenger later this year. Content settings (Source: Meta) What the 13+ setting includes Facebook’s 13+ content setting hides content in Feed and Reels that … More → The post Meta adds stricter guardrails for teen feeds appeared first on Help Net Security.

Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that exposed tens of thousands of user records. The incident exposed approximately 64,000 accounts, including email addresses, usernames, IP addresses, support tickets, and passwords hashed with bcrypt. The attacker claimed to have compromised all Atlas systems before leaking the service’s database through a public GitHub repository. In a … More → The post 64,000 accounts exposed in breach of GTA V cheat service Atlas Menu appeared first on Help Net Security.

Office workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about 72 million people, works primarily with information such as analysis, documents, designs, and communication. Research from the McKinsey Global Institute puts the average knowledge worker at 28 percent of the workweek on email and close to 20 percent on hunts for internal information or for colleagues … More → The post Codex knowledge work expands into research, reports, and spreadsheets appeared first on Help Net Security.

Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android Framework that “may be under limited, targeted exploitation.” About CVE-2025-48595 CVE-2025-48595 is an integer overflow vulnerability in the Android Framework, a set of APIs and system services that apps interact with directly. The flaw allows attackers to escalate privileges on a vulnerable device, and they may gain complete access to the device … More → The post Google fixes actively exploited Android vulnerability (CVE-2025-48595) appeared first on Help Net Security.

Microsoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero trust security strategy, over the last 30 days. Features reaching general availability Identity and authentication updates Phishing-resistant MFA is now available on Linux desktops through the Microsoft identity broker. The feature supports Ubuntu 24.04 and 26.04, as well as RHEL 8, 9, and 10, bringing Linux support in line with … More → The post Microsoft Entra pushes passkeys, tightens identity security appeared first on Help Net Security.

A threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied to malicious payloads originating from a testing directory. The files pointed to a broader framework focused on evading detection. The environment contained Cobalt Strike profiles designed to disguise beacon traffic as legitimate web requests, a Telegram-based … More → The post Sophos uncovers AI-powered malware lab built for EDR evasion appeared first on Help Net Security.

Unknown attackers have compromised 30+ Red Hat Cloud Services npm packages with malware that goes after credentials stored in developers’ build environment. What the malware stole and how it can spread further The compromised packages were published in two different GitHub source repositories on June 1, 2026, between 10:53 and 10:53:33 UTC and 13:44 and 13:46:47 UTC. According to Wiz Security, a specific Red Hat employee GitHub account was compromised and “pushed malicious orphan commits … More → The post Red Hat npm packages compromised in new Mini Shai-Hulud malware wave appeared first on Help Net Security.

KDE Linux, the in-progress operating system from the KDE community, removed several kernel modules and software packages after a security audit of the components shipped with the system. The work followed the discovery of multiple security issues in the upstream Linux kernel during the prior month. Kernel and module changes Three contributors examined insecure and unused software included in KDE Linux. The audit led to a return to the vanilla Linux kernel. The Zen kernel … More → The post KDE Linux security audit cuts kernel modules and unused packages appeared first on Help Net Security.

OpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly from evaluation to deployment. OpenAI capabilities on Amazon Bedrock These capabilities are available through OpenAI models on Amazon Bedrock, a platform for building generative AI applications and agents at production scale. The platform enables teams to build AI applications using AWS-native security and governance controls. Amazon Bedrock Managed … More → The post OpenAI brings frontier AI to existing AWS environments appeared first on Help Net Security.

The Spanish National Police arrested a man in Granada for allegedly leaking personal data belonging to members of several sensitive state institutions. According to police, the suspect published the information on multiple online platforms, exposing personnel associated with organizations including the National Cybersecurity Institute (INCIBE), the National Security Council, the National Police, the Civil Guard, the State Attorney General’s Office, the Ministry of Finance, and the Tax Agency. “The investigation, led by Madrid’s Court of … More → The post Sensitive government personnel data posted online, Spanish police arrest suspect appeared first on Help Net Security.