Category: Help Net Security

Corelight has expanded its Open NDR platform to include native network performance monitoring and passive asset classification capabilities. The release adds asset visibility to its existing anomaly detection foundation, helping security teams defend against AI-powered threats that can discover and…

Read more →

Flip has announced Frontline Identity and Flip Fusion, two new offerings that help organizations securely connect frontline employees to enterprise systems, applications and AI-powered workflows. Flip’s new products expand the platform beyond employee communications, helping organizations provide secure digital identity,…

Read more →

Tenable has announced extended continuous security control and validation capabilities within the Tenable One Exposure Management Platform. With security control visibility and evidence-based, contextualized insights, Tenable One confirms which cyber exposures are accessible and exploitable for more precise prioritization and…

Read more →

Legit Security has launched new remediation agents that independently prioritize issues, generate fixes, open pull requests, and confirm results using context learned from each organization’s distinct codebase. As AI allows attackers to exploit vulnerabilities faster than ever, rapid remediation becomes…

Read more →

ArmorCode has announced new Cyber Resilience Act (CRA) capabilities within the ArmorCode Agentic AI Platform. The capabilities help manufacturers of products with digital elements (PDEs) prepare for the European Union’s cybersecurity regulation that will impact all sellers of these solutions…

Read more →

VelocityEHS has announced the launch of QR Codes for Incident Management, a new feature designed to eliminate friction in safety reporting and help organizations surface incidents and near misses, identify risks, and take action. By enabling instant, mobile access to…

Read more →

Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working to provide a high quality security update that addresses this vulnerability.” The vulnerability, which has been assigned…

Read more →

The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security and privacy updates Google has improved location privacy features so users can choose to share…

Read more →

Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst,…

Read more →

Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a service included with iCloud+, Apple’s subscription service. It allows users…

Read more →

Ukraine can now call on emergency cyber support from the European Union during large-scale cybersecurity incidents. The move follows a decision by the Council of the European Union to add the country to the EU Cybersecurity Reserve. The Reserve operates…

Read more →

Fortinet has announced the availability of FortiSOC, a unified, cloud-delivered security operations center (SOC) platform. FortiSOC brings together six security operations functions into a single Software-as-a-Service (SaaS) experience and embeds agentic AI to autonomously investigate and correlate alerts across assets…

Read more →

AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools in their daily work. The catch shows up one layer down. Roughly a…

Read more →

AntiSSRF is an open-source code library from Microsoft that validates URLs and network connections to reduce server-side request forgery (SSRF) risks in web applications. It supports .NET and Node.js applications and is distributed under the MIT license. The library works…

Read more →

Norton 360 Deluxe combines device security, scam detection, web protection, and VPN privacy in a single subscription that covers up to five devices. It is available for Windows, macOS, Android, and iOS. Setup and first impressions After downloading the app…

Read more →

In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He opens with a 3.47 a.m. call: the team cannot confirm whether customer…

Read more →

An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care…

Read more →

Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning came on Monday from threat intelligence…

Read more →

The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since…

Read more →

A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, and more. Maliciously…

Read more →