Category: Help Net Security

Penetration testing engagements are organized as scheduled contracts with defined scope, set testing windows, and direct communication channels with client teams. Cobalt’s 2026 Pentester Profile Report describes growing preference for penetration testing as a service (PTaaS) and contract-based testing models.…

Read more →

Many cybercrime investigations end with arrests or indictments that reveal little about the people behind the operations. When authorities do disclose demographic details, the pattern that emerges does not match the common assumption that cyber offenders are mostly very young.…

Read more →

Associate Director Application Security BioNTech | Germany | On-site – View job details As an Associate Director Application Security, you will lead application security strategy, standardize security processes, and drive vulnerability management across development environments. You will enable secure-by-design practices…

Read more →

OpenAI are acquiring Promptfoo, an AI security platform that helps enterprises identify and remediate vulnerabilities in AI systems during development. Once the acquisition is finalized, OpenAI will integrate Promptfoo’s technology directly into OpenAI Frontier, their platform for building and operating…

Read more →

Russian state hackers are trying to break into Signal and WhatsApp accounts used by diplomats, military staff, and government officials worldwide, Dutch intelligence agencies warned. They believe journalists and other people who attract attention from Moscow may also be affected.…

Read more →

iProov the iProov Workforce Solution Suite, designed to protect enterprises from deepfakes and other identity attacks while improving operational efficiency. It enables organizations to verify genuine human presence and stop attackers. The suite supports remote hiring and onboarding, shared device…

Read more →

The White House released “President Trump’s Cyber Strategy for America,” a policy framework outlining the administration’s priorities for maintaining U.S. leadership in cyberspace. The seven-page cyber strategy commits to a coordinated, government-wide response to cyber threats that extends beyond cyberspace…

Read more →

OpenWrt 25.12.0 is now available for download. The release incorporates over 4,700 commits since branching from OpenWrt 24.10. Package manager changes One of the most significant structural changes in 25.12.0 is the replacement of the opkg package manager with apk,…

Read more →

Users looking for Anthropic’s Claude Code agentic AI coding tool are being tricked via fake Claude Code install pages into running malware, Push Security researchers have warned. The attackers behind this scheme are faithfully cloning Anthropic’s installation page, hosting it…

Read more →

Workflows built around multiple AI agents and constant tool switching are adding cognitive strain across large enterprises. A recent Harvard Business Review analysis describes this pattern as “AI brain fry,” a form of mental fatigue tied to intensive use and…

Read more →

Augur has announced a $15 million seed round led by Plural, with participation from First Kind, SNR, Flix, and Tiny VC. The funding will support the deployment of Augur’s technology as governments, operators, and venue owners across Europe face rising…

Read more →

OpenAI introduced Codex Security⁠, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities. The launch comes a few weeks after rival Anthropic unveiled its Claude Code Security tool. The feature is available in research preview…

Read more →

Stu Hirst was already a CISO when he started to go deaf. It was 2023, and the hearing loss crept in over months, enough for him to adapt, to lean on hearing aids and captions, to quietly reorganize his calendar…

Read more →

Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing. Open-source project Sage inserts an interception layer between an AI agent and those operations, checking…

Read more →

Speaker diversity in cybersecurity has been a talking point for over a decade, with panels, pledges, and dedicated conference tracks failing to produce change. Stages still skew heavily male, even as women represent millions of qualified professionals in the field.…

Read more →

Phones, laptops, smart TVs, cameras, and smart home equipment all use the same network. Knowing what’s connected helps users manage performance and security. Fing Desktop provides tools that identify devices, test connectivity, and analyze network activity. Creating an account is…

Read more →

The cables running along the ocean floor carry the overwhelming majority of the world’s cross-border data traffic, and for most of their operational history they have attracted little strategic attention. That is changing. A new sector report from Capacity Insights…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security…

Read more →

Microsoft plans to add a new Teams feature that lets meeting admins identify and control third-party bots before they join. According to the Microsoft 365 Roadmap, the feature is scheduled to begin rolling out in May 2026 on Desktop, Mac,…

Read more →

An Iran-linked hacking group has been active inside the networks of several US organizations since early February, raising concerns that the activity could precede broader cyber operations connected to escalating geopolitical tensions in the Middle East. New backdoors used by…

Read more →