Category: Help Net Security

Owl Cyber Defense has announced the launch of its Incident Response Diode (IRD), a pocket-sized protocol filtering diode (PFD) designed for incident response and forensics teams. The Owl IRD was developed to help users securely move evidence from compromised endpoints…

Read more →

Operant AI has launched Operant Endpoint Protector, a new addition to its AI Defense Platform that enables enterprise IT and security teams to discover, detect, and defend against threats across every AI tool, coding agent, and Model Context Protocol (MCP)-connected…

Read more →

A targeted social engineering attack against DigiCert’s support channel led to the compromise of internal systems and the unauthorized issuance of EV Code Signing certificates. DigiCert is a global Certificate Authority (CA) providing digital trust services, specializing in TLS/SSL certificates,…

Read more →

Penske Logistics has announced the launch of Supply Chain Insight, a secure technology platform and mobile application that provides customers with a real-time view of their supply chain operations across transportation and warehousing. Supply chain leaders are under increased pressure…

Read more →

Progress Software has fixed a critical authentication bypass (CVE-2026-4670) and a privilege escalation (CVE-2026-5174) vulnerability in MOVEit Automation, exploitation of which “may lead to unauthorized access, administrative control, and data exposure.” The vulnerabilities were reported privately by Airbus researchers and…

Read more →

Claude Security, previously called Claude Code Security, is in public beta for Claude Enterprise customers. Available in Claude.ai, the capability scans codebases for security vulnerabilities and suggests targeted patches for review, helping teams identify and fix issues that might otherwise…

Read more →

French authorities have detained a 15-year-old suspected of involvement in a data breach at France Titres, the government agency responsible for issuing official documents. “Between 12 and 18 million data records were reportedly being offered for sale on cybercriminal forums…

Read more →

Lens by Mirantis has announced Lens Agents, a governed platform for running AI agents across enterprise systems, giving organizations a unified, policy-driven way to run, secure, and scale AI agents across desktop and cloud environments. Available in early access, Lens…

Read more →

Rust-based alternatives to traditional Unix shells continue to attract users who want bash compatibility alongside built-in features like syntax highlighting and history-based suggestions. Brush, a bash- and POSIX-compatible shell written in Rust, sits in that group, and version 0.4.0 brings…

Read more →

AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one compromised tool call can leak credentials to an attacker-controlled domain. Pipelock, an open-source security harness developed…

Read more →

Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any investigation involve pulling together logs from several sources to decide whether something is worth…

Read more →

In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures before attackers exploit them. He argues that businesses should move beyond a data-loss mindset toward…

Read more →

Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most common workplace apps in use across U.S. companies, including…

Read more →

Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips password-based sign-in from ChatGPT and…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The AI criminal mastermind is already hiring on gig platforms Labor-hire platforms let anyone with a credit card post a task and pay a stranger…

Read more →

Pentesting remains one of the most effective ways to identify real-world weaknesses, but the method for delivering results hasn’t evolved. Manual workflows involving static documents and email threads introduce delays, create inefficiencies, and diminish the value of the work. This…

Read more →

Between one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI adoption and the…

Read more →

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local…

Read more →

Teleport CEO Ev Kontsevoy makes the case that distributed infrastructure, across cloud, Kubernetes, databases, and servers, can’t be secured by layering more tools on top of fragmented identity systems. He argues for fewer credentials, fewer entry points, and a single…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security operations Mallory is…

Read more →