Category: Help Net Security

Meta’s Advanced browsing protection (ABP) helps Messenger identify and warn users about potentially harmful websites they open from a chat. Malicious sites can try to steal passwords, collect personal information, or install malware. Advanced browsing protection (Source: Meta) “In its…

Read more →

Mend.io has launched System Prompt Hardening within Mend AI to detect, score, and automatically remediate weaknesses in AI system prompts. Hidden instructions in system prompts have emerged as a growing security concern that traditional AppSec tools do not fully address.…

Read more →

Microsoft is changing the default behavior in Windows Autopatch so that hotpatch security updates are enabled automatically for eligible devices managed through Microsoft Intune or the Microsoft Graph API starting with the May 2026 Windows security update. Windows Autopatch is…

Read more →

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered. By avoiding analysis environments and leveraging a specialized module designed to kill antivirus and endpoint detection software, the Russian-speaking attacker(s) behind this…

Read more →

Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign…

Read more →

Terra Security has announced the launch of Terra Portal, its agentic desktop app that serves as an execution layer for pentesters to direct and oversee AI-driven testing in live production environments. Terra Portal reduces the discovery-to-fix cycle for vulnerabilities from…

Read more →

ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate cloud provider to ensure operational resilience. This dual-implant architecture has enabled sustained surveillance of Ukrainian…

Read more →

Seven minors who distributed online programs designed to facilitate DDoS attacks have been identified by Poland’s Central Bureau for Combating Cybercrime (CBZC). They were between 12 and 16 at the time of the crime. CBZC officer during a cybercrime investigation…

Read more →

Armadin has raised $189.9 million in Seed and Series A funding. Led by Accel, with participation from Google Ventures, Kleiner Perkins, Menlo Ventures, In-Q-Tel, and follow-on investment from 8VC and Ballistic Ventures, this marks the largest combined Seed and Series…

Read more →

Mimecast has announced that its complete email security protection stack is now available through API deployment, eliminating a fundamental trade-off in the market. Standalone integrated cloud email security (ICES) solutions offered fast deployment but came at a cost: they were…

Read more →

Anthropic’s Claude Code Review is a new tool, available as a research preview beta for Team and Enterprise plans, that sends a team of AI agents to examine every pull request. “We needed a reviewer we could trust on every…

Read more →

The FBI is warning about a phishing scheme in which cybercriminals impersonate city and county officials to solicit fraudulent payments for planning and zoning permits. Criminals mine publicly available permit data to find likely targets and make their outreach appear…

Read more →

Escape has raised $18 million in Series A funding to automate the entire security lifecycle with AI agents. The round, led by Balderton Capital with participation from Uncorrelated Ventures and existing investors Iris Capital and Y Combinator, will help lean…

Read more →

Datadog has announced the general availability of its MCP Server. For developers embedding AI agents into development and operational workflows, the Datadog MCP Server provides access to live observability data, enabling teams to debug with their preferred AI coding agents…

Read more →

SailPoint announced significant advancements to its AI-powered SailPoint Platform, introducing the first in a series of capabilities that advance its adaptive identity vision, an approach designed to address the critical security challenges of IT environments. New features include: Privilege: SailPoint…

Read more →

Singulr AI has announced the launch of Agent Pulse, extending its Unified AI Control Plane to autonomous AI agents and model context protocol (MCP) servers. Agent Pulse delivers enforceable runtime governance, contextual discovery, and measurable oversight for the agentic enterprise.…

Read more →

OneTrust has announced the expansion of its solution to include real‑time monitoring and enforcement capabilities across agents, models, and data. Designed for data, risk, and AI teams, these enhancements empower organizations to shift AI governance from static compliance workflows to…

Read more →

Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for state-backed attackers, to satellites emerging as…

Read more →

Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and contract-based testing models.…

Read more →

Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the pattern that emerges does not match the common assumption that cyber offenders are mostly very young.…

Read more →