Category: Help Net Security

Veracode announced significant platform innovations introduced through the second half of 2025. Headlining the release is Package Firewall, a preventive control for software supply chains, advancing the company’s mission to help organizations run secure software from code to cloud. With…

Read more →

State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain often…

Read more →

MIND announced DLP for Agentic AI, a data-centric approach to AI security designed to help organizations safely achieve the business value of agentic AI by ensuring sensitive data and AI systems interact safely and responsibly. Agentic AI can autonomously create,…

Read more →

Rein Security emerged from stealth to address blind spots in application and AI security. Building on an initial $8 million seed round led by Glilot Capital, Rein delivers a patent pending technology that provides real-time context and protection inside application…

Read more →

France intends to phase out non-European videoconferencing platforms such as Zoom and Microsoft Teams from its public administration, opting instead for a nationally developed solution due to security considerations. Ending the use of paid software licenses is expected to generate…

Read more →

Teams using automation platforms are starting to treat conversational AI as another operational interface. That change is reflected in a new feature from n8n, which has introduced a built-in Chat Hub designed to let users interact with AI models and…

Read more →

McAfee announced upgrades to Scam Detector that improve protection across common scam channels. The enhanced tool helps users check QR code safety and identify suspicious direct messages across apps. In 2025, according to McAfee’s 2026 State of the Scamiverse report,…

Read more →

Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior within a single workflow, FortiCNAPP…

Read more →

Cloudbrink has expanded security and performance benefits for AI agents and online AI services. The new AI capabilities are available on the same platform as Cloudbrink’s secure connectivity, allowing companies to secure users, apps, and AI in a more unified…

Read more →

Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the…

Read more →

Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide.…

Read more →

Teleport has unveiled the Teleport Agentic Identity Framework, an AI-centered framework that provides organizations with a roadmap for securely deploying agentic AI across production cloud and on-premises environments. The framework will evolve alongside the industry and community needs, defining the…

Read more →

To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed to help users protect their accounts from sophisticated cyberattacks. “We think…

Read more →

Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from exfiltrating sensitive data. RansomSnare is a next-generation ransomware prevention capability that…

Read more →

Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android 16 and later. One update builds on Failed Authentication Lock, a feature introduced in…

Read more →

CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that are often…

Read more →

Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed to GitLab or GitHub, you…

Read more →

Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through…

Read more →

A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by Incogni, which analyzed 442…

Read more →

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked…

Read more →