Category: Help Net Security

Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel,…

Read more →

Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to cloud resources, mobile devices, the Internet of Things, and AI. About the…

Read more →

The World Economic Forum white paper “Empowering Defenders: AI for Cybersecurity” identified AI as the biggest driver of change in cybersecurity for 94% of survey respondents. The paper found that 77% of organizations already use AI in cybersecurity, with much…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in 2026 relies on mobile apps used alongside personal tools like banking…

Read more →

A week after Copy Fail, another Linux local privilege escalation vulnerability dubbed “Dirty Frag” has been revealed, along with a PoC exploit. What is Dirty Frag In effect, Dirty Frag refers to two flaws: A xfrm-ESP Page-Cache Write vulnerability (CVE-2026-43284,…

Read more →

Ivanti has released fixes for 5 high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) solution, one of which (CVE-2026-6973) has being exploited as a zero-day by attackers. “We are aware of a very limited number of customers exploited with CVE-2026-6973,”…

Read more →

Google has expanded Play Policy Insights in Android Studio to help developers catch policy issues while coding, including warnings for common problems such as missing login credentials. Later this year, developers who connect their Play developer account directly to Android…

Read more →

Two U.S. nationals were sentenced to 18 months in prison for operating “laptop farms” that helped North Korean IT workers gain employment at nearly 70 American companies, generating more than $1.2 million for Pyongyang’s government. Although Matthew Issac Knoot of…

Read more →

OpenAI is rolling out GPT-5.5-Cyber, a variant of its latest AI model, in limited preview for verified cybersecurity professionals and organizations through its Trusted Access for Cyber program. Trusted Access for Cyber is OpenAI’s identity and trust-based access framework for…

Read more →

Securonix announced the Securonix Threat Research Agent and ThreatWatch for ThreatQ, expanding how security teams research threats, validate exposure, and turn intelligence into documented action. Built on the ThreatQ platform and connected to Securonix security operations workflows, the new capabilities…

Read more →

Avantra launched Avantra 26, an advancement in AI-driven operations, strengthening native integration with SAP Cloud ALM, and delivering automated visibility across SAP Business Technology Platform (BTP). Avantra also announced Avantra AIR Root Cause Analyzer, an AI-powered intelligence engine that automatically…

Read more →

Snyk has announced it is leveraging Anthropic’s Claude models to advance software security. Snyk has integrated Claude into the Snyk AI Security Platform, enabling automated vulnerability discovery, prioritization, and developer-ready fixes across code, dependencies, containers, and AI-generated artifacts. The threat…

Read more →

Roblox runs an automated chat filter at the scale of billions of messages per day. An independent audit of about two million chat messages from four of the platform’s most popular games shows that filter missing a wide range of…

Read more →

Project Glasswing. This is one of three major security industry changes I’ll cover today. The Anthropic Mythos vulnerability discovery model has already proven to be game changing in its ability to identify new vulnerabilities in software. Many of these vulnerabilities…

Read more →

Object First released Object First Fleet Manager, a cloud-based service that simplifies the management of distributed Ootbi backup storage deployments for Veeam Software environments. Built for enterprises and service providers with distributed backup storage infrastructures, Fleet Manager is available to…

Read more →

Transilience AI has announced the general availability of its Full Stack Security Operating System for the cloud, platform designed to solve one of enterprise security’s most persistent challenges: bridging the gap between detection and remediation. New platform replaces fragmented tool…

Read more →

NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allow VPN services to be chained, so the app uses the Android VPN service to…

Read more →

People use mental health apps to talk about depression, trauma and suicidal thoughts in moments they may not share with anyone else. Many users likely assume those conversations carry protections similar to therapy sessions. In reality, mental health apps operate…

Read more →

Employee behavior once considered unacceptable is becoming tolerated across various industries, particularly in IT and telecommunications, and at all levels of seniority, including leadership. Cifas Workplace Fraud Trends research, based on a survey of 2,000 UK employees working at companies…

Read more →

Here’s a look at the most interesting products from the past week LastPass, Operant AI, Sysdig, and VIAVI. Operant AI Endpoint Protector secures AI agents and MCP tools Operant AI has launched Operant Endpoint Protector, a new addition to its…

Read more →