Category: Help Net Security

Federal authorities have seized 13 internet domains allegedly used to target current and former U.S. government employees and military personnel with access to classified and sensitive information. The post FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort appeared…

Read more →

Online fraud is becoming harder to distinguish from legitimate activity as AI-generated messages, voices, photos, reviews, and identities become more convincing. Nearly nine in ten adults say they can no longer tell what is real from AI-generated content, according to…

Read more →

Check Point has announced a major expansion of its Managed Service Provider (MSP) platform, designed to help MSPs secure AI adoption, streamline operations and simplify managed security delivery. The announcement brings together three strategic innovations under a single MSP vision:…

Read more →

IDnow has announced the launch of the IDnow Trust Platform, designed to help regulated organisations orchestrate identity verification, fraud prevention, biometric authentication, and qualified digital trust services throughout the customer lifecycle. “The identity industry is entering its biggest transformation since…

Read more →

Companies keep most of their data and applications in cloud platforms that anyone can reach with the right login. That setup turns each employee holding those credentials into a security variable, and members of the cybercrime underground have built methods…

Read more →

Making companies that store personal data in cloud key-value databases handle deletion requests by running the operation and confirming the job is complete. The people making those requests and the regulators overseeing them have had limited means to confirm the…

Read more →

A backdoor sat on PyPI for three hours in March 2026. Nearly 47,000 downloads occurred during the window. The compromised package, LiteLLM, serves as the language-model gateway for CrewAI, DSPy, Microsoft GraphRAG, and dozens of other AI agent frameworks. Anyone…

Read more →

Companies building robots for physical work spend large amounts of time and money operating machines by hand to gather training examples. Each session with a physical robot produces a small number of demonstrations per day, which slows the growth of…

Read more →

Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s “Solving for the Mobile AI Blind Spot: Executive Confidence Meets Technical Reality” report. Mobile AI visibility gaps Enterprises…

Read more →

For a growing number of victims, identity theft no longer ends with a fraudulent charge or a compromised account. More than one in four people who contacted the Identity Theft Resource Center during the reporting period were dealing with multiple…

Read more →

Drata has introduced AI Agent Governance, a new security category focused on managing the risks and oversight requirements of AI agents, while extending its trust platform to support enterprise adoption of autonomous AI systems. While McKinsey finds 57% of business…

Read more →

AISLE has introduced AISLE Snapshot, a new offering that gives regulated and security-sensitive enterprises access to frontier-class vulnerability detection inside their own environments, at a fraction of the cost, with source code and security data that never leave their control.…

Read more →

Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have already released technical details about…

Read more →

Intel 471 has announced its new Cyber Threat Intelligence (CTI) Maturity Pulse Check, a free, lightweight self-assessment for practitioners based on the Cyber Threat Intelligence Capability Maturity Model (CTI-CMM v1.3). The CTI Maturity Pulse Check offers a quick, structured way…

Read more →

A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser authentication windows, according to Palo Alto Networks Unit 42. The attack relies on a fake browser window embedded within…

Read more →

Developers spend much of their working time in the terminal, generating commands, debugging issues, and running scripts close to their systems. Repeated terminal work tends to pile up small steps such as re-running the same commands, re-explaining context, and translating…

Read more →

Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a…

Read more →

Apple is bringing its Private Cloud Compute (PCC) platform to Google Cloud, expanding the infrastructure behind Apple Intelligence to third-party data centers. Introduced in 2024, PCC provides cloud-based processing for AI workloads that exceed the capabilities of on-device models while…

Read more →

Rubrik has unveiled Autonomous Business Recovery (ABR) for Cloud Applications, the agentic cyber resilience solution that recovers cloud applications from data to network, identity and configurations. The end result is a rebuild of an organization’s Minimum Viable Business (MVB) at…

Read more →

Days after publishing research on how advanced AI systems could amplify cyber operations in the wrong hands, Anthropic released Claude Fable 5, a Mythos-class model for general use. “Releasing a model this capable comes with risks. Without safeguards, Fable 5’s…

Read more →