The following content is brought to you by Lifehacker partners. If you buy a product featured here, we may earn an affiliate commission or other compensation.

Trying in vain to get your grocery costs down? Skimping at the fuel pump only to run out of gas a week later? You’re not alone. With everyday costs on the rise, it’s easy to feel like you just can’t get ahead of your finances.

Successful savers take a more practical approach to their finances. Rather than obsessing over daily expenses, they focus on trimming the bigger monthly bills.

The best place to start could be your car loan. Autopay takes the stress and time out of refinancing your auto loan, giving you a quick win that will motivate you to tackle your other big bills. Here are three reasons refinancing with Autopay is the go-to for savvy savers.

Autopay

Take the hassle out of refinancing your car loan. It's fast, simple, and could save you money.

You could save over $1,500 annually

When you refinance through Autopay, you’ll get access to their wide network of trusted lenders and financial institutions. This means you’ll be offered some of the most competitive interest rates in the industry and can review the terms of your loan to better suit your needs.

The average monthly payment savings for people who refinance their auto loan with Autopay is $129.49. That’s $1,553 annually, without making any sacrifices. Life as per usual, just cheaper.

Get it done online during the in-between moments

With Autopay’s simple three-step process, you can apply, review offers, and accept your new loan online during in-between moments like your morning commute, making those savings go even further. After all, time is money. Here’s how it works: 

1. Share some basic vehicle, loan, and financial details in Autopay’s secure portal 

2. Log in to review offers from multiple lenders, and select the offer that best aligns with your priorities

3. E-sign your loan documents with a few taps from your mobile device

It really is that easy, but if you have any questions about the process along the way, you’ll have access to a dedicated account manager who can guide you through every step. 

Options for every type of credit score

Autopay addresses the irony that those facing the greatest financial challenges often have the fewest resources. By catering to a broad spectrum of credit profiles, they offer solutions for individuals with poor credit or no established credit history.

Whatever state your credit is in, you’ll get the same Autopay perks, including fast, easy application and access to a dedicated account manager. You can also explore options like a cash-back refinance to help pay off a high-interest credit card or cover an unexpected cost that’s come your way. 

With Autopay, you can get back in the driver’s seat on your auto loan payments quickly. Apply today to start saving.

from Lifehacker https://ift.tt/CbiJR8M

After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that “hundreds of thousands of stolen secrets could potentially be circulating” as a result of this and the Trivy, KICS, LiteLLM, and Telnyx supply chain attacks (linked to TeamPCP).

“This could enable further software supply chain attacks, software as a service (SaaS) environment compromises (leading to downstream customer compromises), ransomware and extortion events, and cryptocurrency theft over the near term,” they added.

TeamPCP exploits stolen secrets for cloud intrusions

Google-owned cloud security company Wiz has responded to multiple attacks being carried out by TeamPCP.

“[The Wiz Customer Incident Response Team (CIRT)] saw indications in Cloud, Code, and Runtime evidence that the credentials and secrets stolen in the supply chain compromises were quickly validated and used to explore victim [cloud] environments and exfiltrate additional data,” they said.

“While the speed at which they were used suggests that it was the work of the same threat actors responsible for the supply chain operations, we are not able to rule out the secrets being shared with other groups and used by them.”

Tech firm OwnCloud stated last week that it had been affected by the Trivy compromise and their ability to ship new builds of and patches for their software solutions “is temporarily suspended.”

Mercor, a startup that connects human experts with companies building AI, confirmed on Wednesday that it was affected by the LiteLLM supply chain attack.

The company said it is “one of thousands of companies” impacted and its security team and third-party forensics experts are still investigating the incident.

Though the Lapsus$ cyber extortion group claimed to have accessed the company’s databases and source code, Mercor has yet to disclose the extent of the impact/breach.

The connection between TeamPCP and Lapsus$ has been documented. Evidence from Lapsus$’s Telegram channel indicates they had prior knowledge of TeamPCP’s planned supply chain attacks.

TeamPCP has also apparently partnered with the Vect ransomware-as-a-service operation, and is professedly working on spinning up its own RaaS program called CipherForce.

Axios compromise affected organizations around the world

Axios is one of the most widely used JavaScript libraries out there, and the Axios npm supply chain compromise is expected to have a widespread impact.

“With over 100 million weekly downloads across both [affected] branches [of Axios npm], the blast radius of a three-hour compromise window is significant,” Tenable researchers noted.

Palo Alto Networks reports that this supply chain compromise has affected organizations across the US, Europe, Middle East, South Asia and Australia, operating in a variety of industries: financial services, high-tech, retail, professional and legal services, insurance, higher education, customers service, and more.

The attack resulted in a remote access trojan being installed on Windows, macOS and Linux systems, allowing operators to perform system reconnaissance and drop and execute additional binary payloads and commands.

The North Korean group (UNC1069) behind the Axios breach is known for using social engineering to trick people – especially in crypto, DeFi, software, and VC firms – into installing malware, which matches how the Axios maintainer said his system was compromised.

Historically, they have been financially motivated.

“While UNC1069 has had a smaller impact on cryptocurrency heists compared to other groups like UNC4899 in 2025, it remains an active threat targeting centralized exchanges and both entities and individuals for financial gain,” Mandiant researchers noted earlier this year.

Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!

from Help Net Security https://ift.tt/CJcGUoH

This is for new routers; you don’t have to throw away your existing ones:

The Executive Branch determination noted that foreign-produced routers (1) introduce “a supply chain vulnerability that could disrupt the U.S. economy, critical infrastructure, and national defense” and (2) pose “a severe cybersecurity risk that could be leveraged to immediately and severely disrupt U.S. critical infrastructure and directly harm U.S. persons.”

More information:

Any new router made outside the US will now need to be approved by the FCC before it can be imported, marketed, or sold in the country.

In order to get that approval, companies manufacturing routers outside the US must apply for conditional approval in a process that will require the disclosure of the firm’s foreign investors or influence, as well as a plan to bring the manufacturing of the routers to the US.

Certain routers may be exempted from the list if they are deemed acceptable by the Department of Defense or the Department of Homeland Security, the FCC said. Neither agency has yet added any specific routers to its list of equipment exceptions.

[…]

Popular brands of router in the US include Netgear, a US company, which manufactures all of its products abroad.

One exception to the general absence of US-made routers is the newer Starlink WiFi router. Starlink is part of Elon Musk’s company SpaceX.

Presumably US companies will start making home routers, if they think this policy is stable enough to plan around. But they will be more expensive than routers made in China or Taiwan. Security is never free, but policy determines who pays for it.

from Schneier on Security https://ift.tt/Nd3uAM2

We may earn a commission from links on this page.

Over the past few years, the Chinese-made Boox Palma e-reader has gained a cult following in the U.S. for its phone-like form factor, Android compatibility, and less-addictive grayscale screen—I've personally credited it with helping me spend more time reading and less time scrolling on my iPhone. But as much as I love it, I do still always need to carry my phone with me, because the Palma—even the newer Palma 2 Pro with mobile data—just isn't a good match for many of the tasks I use my phone for, including navigation and tap-to-pay.

Soon, though, there may be a dual-purpose device that will serve both masters. Bigme, another Chinese tech company best known for its e-ink devices like e-readers and digital notebooks, has announced plans to produce a smartphone with two displays—an LCD screen on one side, and a color e-ink screen on the other.

The "world's first" color e-ink/LCD smartphone

This new phone doesn't yet have a price tag or a release date, but it does have a placeholder product page on the Bigme website, which promises the "Hibreak Dual" will be the "world's first color e-ink + LCD = dual-screen smartphone." The company has also posted cryptic comments on Reddit, encouraging you to "reserve your front-row seat" by signing up for more information about the device when it becomes available.

While the tech sounds intriguing, I have some reservations. It's true that Bigme has a track record with e-ink smartphones—it has made a few of them, including the Hibreak Pro, which is generally recognized as the best e-ink smartphone in a (very) niche market. But I've tried it, and it has the same problem that plagues Bigme's e-readers: absolutely horrendous software. I imagine the "Hibreak Dual" will use a similar OS, with the added technical hurdle that it will have to be optimized for two display formats. So my interest is piqued, but I'm skeptical the user experience will be good enough to actually make me consider ditching iOS.

Though there are no indication of what it might cost, the Hibreak Dual is likely to be on par with the entry level iPhone 17e at the very least—the existing Hibreak Pro costs between $400 and $430, depending on the model and the current promotions Bigme is offering.

Bigme HiBreak Pro

$386.00 at Amazon

$439.00 Save $53.00

$386.00 at Amazon

$439.00 Save $53.00

Not truly the first dual-screen device

While Bigme may be technically correct that the Hibreak Dual would be the first phone with both an LCD screen and color e-ink, it's not quite the innovation it seems: Yota, a now-defunct Russian mobile phone manufacturer, debuted the "Yotaphone" way back in 2012. That device had a 4.2-inch LCD screen on the front and a black-and-white e-ink display on the back. Though a few different models were introduced over the years, it was never widely available internationally, however, and Yota went out of business in 2019.

from Lifehacker https://ift.tt/HRsxl80

The software supply chain attack that resulted in the compromise of npm packages of Axios, an extremely popular HTTP client library, is believed to be the work of financially-motivated North Korean attackers.

Links to UNC1069

On March 31, 2026, unknown attackers managed to publish two backdoored Axios npm packages after gaining access to a maintainer’s npm account.

The malicious versions introduced a hidden dependency containing a post-install script, and this script executed automatically during installation and attempted to download and run additional payloads from the attacker-controlled infrastructure.

The goal was to deploy malware capable of remote access and system compromise, potentially allowing attackers to steal sensitive data or move laterally within affected environments.

The stealth and sophistication of the attack pointed to skilled attackers. The injected code was minimal and designed to evade detection and the malicious behavior was offloaded to the external dependency and remote payload, which made it harder for developers or automated tools to quickly identify the compromise.

The attribution of the attack was made by Google Threat Intelligence Group (GTIG) researchers and Mandiant analysts, based on the backdoor that was deployed on victim systems and the command and control (C2) infrastructure used.

“The platform-specific payloads ultimately deploy variants of a backdoor tracked by GTIG as WAVESHAPER.V2, a backdoor written in C++ that targets macOS to collect system information, enumerate directories, or execute additional payloads and that connects to the C2 provided via command-line arguments,” the researchers noted.

Additional variants of WAVESHAPER.V2 have been written in PowerShell and Python to target Windows and Linux environments, respectively. The backdoor acts as a remote access trojan and is capable of system reconnaissance, file system enumeration, and code execution.

Previous versions of the backdoor were used by a North Korea-nexus threat actor GTIG calls UNC1069, which has been active since at least 2018 and is known for targeting organizations to steal cryptocurrency.

“Analysis of the C2 infrastructure (sfrclak[.]com resolving to 142.11.206.73) revealed connections from a specific AstrillVPN node previously used by UNC1069. Additionally, adjacent infrastructure hosted on the same ASN has been historically linked to UNC1069 operations,” they added.

Further breaches expected

The exposure window was short – the malicious Axios npm versions were available less than three hours before being removed – but even such a short-lived compromise is expected to have a wide impact.

“This compromise is particularly significant because Axios is a widely used library and is often included as a transitive dependency across millions of applications,” noted Andres Ramos, Senior Threat Intelligence Researcher at Arctic Wolf.

“Organisations that install npm packages in CI/CD pipelines may have automatically pulled the malicious versions into build environments during the ~3-hour window Even systems that did not directly install Axios could be indirectly impacted if another package in the environment depended on the compromised versions, highlighting the broader downstream risk across modern JavaScript ecosystems.”

Various security companies have offered remediation advice for potentially affected developers and organizations, as well as threat detection rules, and advice aimed at preventing similar attacks affecting them in the future.

Similarly, many companies have provided advice for those affected by the other supply chain attacks that happened in the last few days and targeted open-source projects like the Trivy security scanner, the LiteLLM library, and Telnyx on PyPI.

Those attacks have all been attributed to the financially-motivated TeamPCP – or, as GTIG calls them, UNC6780 – and there’s reports that the secrets harvested in those attacks will be used by “partnering” groups like the Vect ransomware-as-a-service (RaaS) and extortion groups like Lapsus$.

“Hundreds of thousands of stolen secrets could potentially be circulating as a result of these recent attacks. This could enable further software supply chain attacks, software as a service (SaaS) environment compromises (leading to downstream customer compromises), ransomware and extortion events, and cryptocurrency theft over the near term,” GTIG researchers warned.

“Defenders should pay close attention to these campaigns, and enterprises should initiate dedicated efforts to assess the existing impact, remediate compromised systems, and harden environments against future attacks.”

Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!

from Help Net Security https://ift.tt/W5DpYdr

Exabeam has announced the expansion of Exabeam Agent Behavior Analytics (ABA). Without direct visibility into how employees use AI assistants, what they query, what data they share, how frequently they interact, and from where, organizations cannot establish a baseline for normal AI behavior, investigate potential misuse, or detect emerging agentic insider threats.

New support to detect agent behavior in OpenAI ChatGPT and Microsoft Copilot, alongside existing visibility into Google Gemini, transforms these agentic services into rich sources of behavior telemetry that feed directly into Exabeam threat detection, investigation, and response (TDIR) workflows.

“AI agents are evolving from simple chatbots into autonomous digital workers,” said Steve Wilson, Chief AI and Product Officer at Exabeam. “They authenticate, access systems, and execute real business processes. When compromised, their activity will often look legitimate. Guardrails designed to catch prompt injection or hallucinations do not address that risk. Securing digital workers requires deep visibility into baseline behavior and the ability to detect subtle deviations before they become material incidents.”

“AI is rapidly reshaping how organizations operate, compete and grow, creating a new, digital workforce that helps them move faster and at scale,” said Pete Harteveld, CEO at Exabeam. “As this transformation accelerates leaders are compelled to understand how these systems operate inside the enterprise. Our expansion of Agent Behavior Analytics helps organizations stay protected from emerging risks while adopting AI with confidence and maintaining the oversight and accountability required to proliferate these capabilities across an enterprise.”

To address these, Exabeam has delivered five new capabilities that work together to provide coverage of the agentic attack surface:

• AI behavior baselining. Exabeam builds dynamic behavior profiles for users and their AI agents, tracking patterns across request volumes, token usage, tool invocations, web sessions, and outbound activity. When behavior deviates from established norms, such as sudden spikes in API calls or token consumption. Exabeam flags the anomaly, helping security teams detect misuse before it escalates.
• Prompt and model abuse detection. Exabeam detects prompt injection, model manipulation, and tool exploitation before attacks escalate. A new detection library, five times larger than the previous version, covers the full threat spectrum: prompt manipulation, and shadow AI activity. All surfaced at the point of entry, not after the damage is done.
• Identity and privilege monitoring. While baselining tracks how agents behave, identity and privilege monitoring governs what they’re allowed to do. Exabeam detects anomalies across AI platform roles, users, and permissions — including first-time role assignments, unexpected privilege escalations, and unusual permission changes, ensuring AI identities are governed with the same rigor as traditional enterprise identities.
• Agent lifecycle monitoring. Exabeam provides full visibility into the creation, modification, and usage of AI agents, surfacing first-agent-creation and invocation events as discrete, auditable signals. Security teams can now track the complete lifecycle of every agent operating in their environment, closing the governance gap that has made agent activity invisible to most organizations.
• Coverage for OWASP Top 10 for agentic AI. Exabeam monitors agent behavior against the OWASP Top 10 for agentic AI, bringing measurable coverage to a threat category that previously lacked a defined framework. This alignment establishes a benchmark for governing and defending AI agents in the enterprise.

“As we move deeper into the agentic era, the rapid adoption of AI agents — including a growing ecosystem of enterprise-grade AI tools across our organization — is transforming the risk landscape,” said Nithin Reddy, Global VP of Cybersecurity at Dayforce.

“Security teams now operate in a world where both humans and autonomous agents interact with systems and data at a massive scale. Traditional detection models weren’t built for this reality. What we need is clear behavior visibility and a simple way to quantify risk. Exabeam gives us that clarity — helping us focus on the risks that actually matter instead of chasing thousands of benign signals and enabling us to put the right guardrails in place while continuing to accelerate AI innovation across the business,” Reddy continued.

These new capabilities are accompanied by a broad set of enhancements across the Exabeam New-Scale and LogRhythm Platforms, designed to improve the day-to-day experience for administrators and security analysts while continuing to deliver deep visibility and automated response that helps teams streamline workflows, reduce alert fatigue, and accelerate threat detection.

from Help Net Security https://ift.tt/fkv1K8G

The following CIS Benchmarks and CIS Build Kits have been updated or recently released. We've highlighted the major updates below. Each Benchmark and Build Kit includes a full changelog that references all changes.

CIS Benchmarks Updated Last Month

CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0

We are excited to announce the publication of the updated CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0.

Our team has devoted significant time and effort to enhance the content of this benchmark, ensuring it remains relevant and valuable to members.

Here's a quick overview of the key improvements we've made in this update:

• Added 9 new security settings
• Updated 23 settings
• Removed 18 settings
• Renamed 1 setting
• Moved, added, and removed sections due to updated ADMX templates

A change log detailing the modifications made is included in the Word Doc and PDF versions of the Benchmark.

A huge thank you to the CIS Windows Community and Windows Team for making this Benchmark happen. Special thanks to Haemish Edgerton and Aaron Margosis.

Download the CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0

We are proud to announce the release of a minor update to the CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0.Version 3.1.0 includes minor adjustments to maintain alignment with recent changes in the OCI platform’s user interface and event structures. These changes ensure continued accuracy and reliability of benchmark results, reflecting the current OCI experience. No other functionality or evaluation criteria are affected.

Thank you to Josh Hammer, for this update to keep the guidance current.

Download the CIS Oracle Cloud Infrastructure Foundations Benchmark v3.1.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apache Cassandra 5.0 Benchmark v1.1.0 

We are Excited to Announce the release of CIS Apache Cassandra 5.0 Benchmark v 1.1.0.

• This Benchmark includes support for Apache Cassandra 5.0.6
• All recommendations have been reviewed, tested, and validated to support v5.0.6

This Benchmark exemplifies the great things a community of users, vendors, and subject matter experts can accomplish through consensus collaboration.

The CIS community thanks the entire consensus team with special recognition to the following individuals who contributed greatly to the creation of this guide: Joeseph Testa, Tony Wilwerding, and Chriag Shah.

Download the CIS Apache Cassandra 5.0 Benchmark v1.1.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apache Cassandra 4.1 Benchmark v1.2.0 

We are Excited to Announce the release of CIS Apache Cassandra 4.1 Benchmark v 1.2.0!

• This Benchmark includes support for Apache Cassandra 4.1.10
• All recommendations have been reviewed, tested, and validated to support v4.1.10

The CIS community thanks the entire consensus team with special recognition to the following individuals who contributed greatly to the creation of this guide: Joeseph Testa, Tony Wilwerding, and Chriag Shah.

Download the CIS Apache Cassandra 4.1 Benchmark v 1.2.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apache Cassandra 4.0 Benchmark v1.3.0 

We are happy to announce the release of CIS Apache Cassandra 4.0 Benchmark v1.3.0!

• This Benchmark includes support for Apache Cassandra 4.0.19
• All recommendations have been reviewed, tested, and validated to support v4.0.19

The CIS community thanks the entire consensus team with special recognition to the following individuals who contributed greatly to the creation of this guide. Special thanks to Joeseph Testa, Tony Wilwerding, and Chriag Shah.

Download the CIS Apache Cassandra 4.0 Benchmark v 1.3.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Microsoft Windows Server 2022 Benchmark v5.0.0 

We are excited to announce the publication of the updated CIS Microsoft Windows Server 2022 Benchmark v5.0.0.

Our team has devoted significant time and effort to enhance the content of this benchmark, ensuring it remains relevant and valuable to members.

Here's a quick overview of the key improvements we've made in this update:

• Added 3 new security settings
• Updated 16 settings
• Removed 15 settings
• Renamed 1 setting.
• Moved, added, and removed sections due to updated ADMX templates

A changelog detailing the modifications made is included in the Word Doc and PDF versions of the Benchmark. A huge thank you to the CIS Windows Community and Windows Team for making this Benchmark happen.

Download the CIS Microsoft Windows Server 2022 Benchmark v5.0.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Microsoft Windows Server 2025 Benchmark v2.0.0

We are excited to announce the publication of the updated CIS Microsoft Windows Server 2025 Benchmark v2.0.0.

Our team has devoted significant time and effort to enhance the content of this Benchmark, ensuring it remains relevant and valuable to members.

 Here's a quick overview of the key improvements we've made in this update:

• Added 8 new security settings
• Updated 17 settings
• Removed 17 settings
• Renamed 1 setting
• Moved, added, and removed sections due to updated ADMX templates

A changelog detailing the modifications made is included in the Word Doc and PDF versions of the Benchmark.

A huge thank you to the CIS Windows Community and Windows Team for making this benchmark happen. Special thanks to Haemish Edgerton and Aaron Margosis.

Download the CIS Microsoft Windows Server 2025 Benchmark v2.0.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS GitHub Benchmark v1.2.0

We are pleased to announce the publication of CIS GitHub Benchmark V1.2.0. This release addresses GitHub versions up to and including V3.18.

This version includes updates and edits to:

• Authentication to access the build environment
• Ensuring Webhooks are secured
• Validating the recommendations are relevant to the latest version V3.18

Thanks to the community for providing recommendations, edits, and suggestions that have improved this Benchmark. Special thanks to Matt Reagan, Tony Wilwerding, and James Osborne.

Download the CIS GitHub Benchmark v1.2.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

New CIS Benchmark Released Last Month

CIS Microsoft Defender Antivirus Benchmark v1.0.0

We are excited to announce the publication of the new CIS Microsoft Defender Antivirus Benchmark v1.0.0. Our team has devoted significant time and effort to enhance the content of this Benchmark, ensuring it remains relevant and valuable to members.

A huge thank you to the CIS Windows Community and Windows Team for making this benchmark happen. Special thanks to Haemish Edgerton, Aaron Margosis, Martin Himken, Johannes Kristjansson, and James Robinson.

Download the CIS Microsoft Defender Antivirus Benchmark v1.0.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Microsoft Intune for Edge Benchmark v1.0.0

We are excited to announce the publication of the new CIS Microsoft Intune for Edge Benchmark v1.0.0. Our team has devoted significant time and effort to enhance the content of this benchmark, ensuring it remains relevant and valuable to members.

A huge thank you to the CIS Windows Community and Windows Team for making this Benchmark happen. Special thanks to Phil Chatham, Martin Himken, Johannes Kristjansson, JJ Milner, and James Robinson.

Download the CIS Microsoft Intune for Edge Benchmark v1.0.0 in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

New CIS Build Kit Released Last Month

• CIS Microsoft Windows 11 Enterprise Benchmark v5.0.0
• CIS Microsoft Intune for Edge Benchmark v1.0.0
• CIS Apple iOS 18.0 Benchmark v2.0.0
• CIS Apple iOS 26 Benchmark v1.0.0
• CIS Apple iPadOS 18.0 Benchmark v2.0.0
• CIS Apple iPadOS 26 Benchmark v1.0.0
• CIS Apple macOS 14.0 Sonoma Benchmark v3.0.0
• CIS Apple macOS 15.0 Sequoia Benchmark v2.0.0
• CIS Apple macOS 26 Tahoe Benchmark v1.0.0
• CIS Debian Linux 13 Benchmark v1.0.0
• CIS Microsoft Defender Antivirus v1.0.0
• CIS Microsoft Windows Server 2022 Benchmark v5.0.0
• CIS Microsoft Windows Server 2025 Benchmark v2.0.0

---

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today!

If you're interested, please reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.

from Help Net Security https://ift.tt/KoDLjEz