Category: Help Net Security

Journalists, elected officials, researchers, and political dissidents have spent years adapting their accounts to phishing-resistant authentication on consumer platforms. ChatGPT now joins that list. OpenAI has introduced Advanced Account Security, an opt-in setting that strips password-based sign-in from ChatGPT and…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The AI criminal mastermind is already hiring on gig platforms Labor-hire platforms let anyone with a credit card post a task and pay a stranger…

Read more →

Pentesting remains one of the most effective ways to identify real-world weaknesses, but the method for delivering results hasn’t evolved. Manual workflows involving static documents and email threads introduce delays, create inefficiencies, and diminish the value of the work. This…

Read more →

Between one-fifth and one-third of workers use AI outside the influence and governance of the IT function, according to a global survey of 6,000 full-time employees at enterprise organizations. Researchers found a widening gap between employee AI adoption and the…

Read more →

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local…

Read more →

Teleport CEO Ev Kontsevoy makes the case that distributed infrastructure, across cloud, Kubernetes, databases, and servers, can’t be secured by layering more tools on top of fragmented identity systems. He argues for fewer credentials, fewer entry points, and a single…

Read more →

Here’s a look at the most interesting products from the past month, featuring releases from Advenica, Aptori, Axonius, Broadcom, GlobalSign, Intruder, IP Fabric, Mallory, Secureframe, Siemens, Sitehop, and Virtue AI. Mallory brings contextual threat intelligence to security operations Mallory is…

Read more →

AI workflows need storage that supports repeated movement across the model lifecycle. Large datasets are ingested, transformed, exported for training, pulled back for evaluation, and refreshed as models evolve. Backblaze’s Q1 2026 Network Stats report says this creates a shift…

Read more →

A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers to release technical…

Read more →

Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026…

Read more →

Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. Police raid (Source: The Prosecutor General’s Office of Ukraine) “Prosecutors of the Lviv region, together with the…

Read more →

Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new version with Linux kernel…

Read more →

The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and produce false information…

Read more →

Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working proof-of-concept (PoC) exploit is…

Read more →

London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported it had not been…

Read more →

Attackers are exploiting CVE-2026-32202, a zero-click Windows Shell spoofing vulnerability that causes victims’ systems to authenticate the attacker’s server, CISA and Microsoft have warned. About CVE-2026-32202 CVE-2026-32202 stems from an incomplete patch for CVE-2026-21510, a vulnerability that, in conjunction with…

Read more →

Microchip Technology is expanding its portfolio of Trust Shield, PQC‑ready devices with the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. The devices are designed to help system architects address emerging cybersecurity mandates, including the European…

Read more →

amazee.ai has announced the launch of amazeeClaw, a managed OpenClaw hosting platform that enables developers and enterprises to deploy production-ready AI agents with data sovereignty and regional control without having to set up their own infrastructure. As adoption of AI…

Read more →

DigitalOcean has introduced the AI-Native Cloud, an end-to-end platform built for the inference and agentic era. Spanning infrastructure, core cloud, inference, data, and managed agents, it already supports production workloads at Higgsfield AI, Hippocratic AI, ISMG, Bright Data, and LawVo.…

Read more →

Kaseya has introduced an agentic IT management platform powered by Kaseya Intelligence, combining unified data across IT operations, cybersecurity, and resilience with an execution layer that autonomously triages tickets, contains threats, verifies backups, and optimizes workflows. This is the core…

Read more →