Category: Help Net Security

Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift shows how attackers…

Read more →

In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems,…

Read more →

Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other confidential data. The tool…

Read more →

In this Help Net Security video, David Hardoon, Global Head of AI Enablement at Standard Chartered, discusses the role of ethics and safety in AI development. He explains why principles like fairness, accountability, and transparency must be built into AI…

Read more →

Software powers almost every part of business, which means attackers have more chances than ever to exploit insecure code. A new report from CMD+CTRL Security looks at how teams are building their defenses through cyber range training. Based on more…

Read more →

Attackers are constantly finding ways to take over accounts and push malicious packages to the npm registry, the (GitHub-operated) online repository for JavaScript and Node.js packages. But in this month alone, we witnessed the compromise of popular code packages after…

Read more →

Progress Software has released Flowmon ADS 12.5, an anomaly detection system set up to help organizations accelerate threat detection and provide visibility into network activity using AI-driven capabilities. Security teams are dealing with growing challenges, including rising network traffic, alert…

Read more →

The U.S. Secret Service has broken up a network of electronic devices spread across the New York tristate area that officials say posed an imminent threat to national security. The devices were being used to launch telecommunications attacks and to…

Read more →

Obsidian Security has launched a SaaS AI agent defense, providing enterprises with a purpose-built solution to govern how AI agents access data in SaaS environments. With SaaS now one of the most targeted layers of the enterprise stack, Obsidian is…

Read more →

Dragos released Dragos Platform 3.0, providing capabilities that enable industrial defenders to act faster and more confidently against intensifying cyber threats. The Dragos Platform’s new Insights Hub consolidates risk-based vulnerability, asset, and threat alerts into a single prioritized view, while…

Read more →

SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The campaign…

Read more →

Outpost24 launched new pen test reporting, giving customers a consolidated view of all penetration testing results within a single platform. This eliminates the need to manage multiple reports from different sources, saving time and improving operational efficiency. Security teams can…

Read more →

Blackdot Solutions unveiled Videris Automate, a platform that delivers new AI capabilities to automate investigations and screening processes. The launch marks a step-change in how organizations can detect risks, uncover hidden connections, and accelerate decision-making at scale. Videris Automate helps…

Read more →

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been more at risk. Cybercriminals are targeting law firms by exploiting vulnerabilities, weak passwords, outdated systems, and…

Read more →

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About…

Read more →

By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to Gartner. Preemptive security…

Read more →

The financial stakes of downtime are climbing, and IT leaders are being pushed to rethink how they monitor complex systems. According to the 2025 Observability Forecast from New Relic, the median cost of a high-impact outage has reached $2 million…

Read more →

Application Security Engineer PayPal | USA | On-site – View job details As an Application Security Engineer, you will apply security best practices to enhance and optimize systems, ensuring protection and efficiency, while beginning to understand and align security solutions…

Read more →

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread To…

Read more →

Stellar Cyber announced Stellar Cyber 6.1, designed to help customers and partners advance toward a human-augmented autonomous SOC. With Stellar Cyber 6.1, organizations gain new levels of visibility, speed, and control. Powered by multi-layer AI, the platform is open and…

Read more →