Category: Help Net Security

Attackers are constantly finding ways to take over accounts and push malicious packages to the npm registry, the (GitHub-operated) online repository for JavaScript and Node.js packages. But in this month alone, we witnessed the compromise of popular code packages after…

Read more →

Progress Software has released Flowmon ADS 12.5, an anomaly detection system set up to help organizations accelerate threat detection and provide visibility into network activity using AI-driven capabilities. Security teams are dealing with growing challenges, including rising network traffic, alert…

Read more →

The U.S. Secret Service has broken up a network of electronic devices spread across the New York tristate area that officials say posed an imminent threat to national security. The devices were being used to launch telecommunications attacks and to…

Read more →

Obsidian Security has launched a SaaS AI agent defense, providing enterprises with a purpose-built solution to govern how AI agents access data in SaaS environments. With SaaS now one of the most targeted layers of the enterprise stack, Obsidian is…

Read more →

Dragos released Dragos Platform 3.0, providing capabilities that enable industrial defenders to act faster and more confidently against intensifying cyber threats. The Dragos Platform’s new Insights Hub consolidates risk-based vulnerability, asset, and threat alerts into a single prioritized view, while…

Read more →

SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The campaign…

Read more →

Outpost24 launched new pen test reporting, giving customers a consolidated view of all penetration testing results within a single platform. This eliminates the need to manage multiple reports from different sources, saving time and improving operational efficiency. Security teams can…

Read more →

Blackdot Solutions unveiled Videris Automate, a platform that delivers new AI capabilities to automate investigations and screening processes. The launch marks a step-change in how organizations can detect risks, uncover hidden connections, and accelerate decision-making at scale. Videris Automate helps…

Read more →

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been more at risk. Cybercriminals are targeting law firms by exploiting vulnerabilities, weak passwords, outdated systems, and…

Read more →

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About…

Read more →

By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to Gartner. Preemptive security…

Read more →

The financial stakes of downtime are climbing, and IT leaders are being pushed to rethink how they monitor complex systems. According to the 2025 Observability Forecast from New Relic, the median cost of a high-impact outage has reached $2 million…

Read more →

Application Security Engineer PayPal | USA | On-site – View job details As an Application Security Engineer, you will apply security best practices to enhance and optimize systems, ensuring protection and efficiency, while beginning to understand and align security solutions…

Read more →

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread To…

Read more →

Stellar Cyber announced Stellar Cyber 6.1, designed to help customers and partners advance toward a human-augmented autonomous SOC. With Stellar Cyber 6.1, organizations gain new levels of visibility, speed, and control. Powered by multi-layer AI, the platform is open and…

Read more →

If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization vulnerability…

Read more →

In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has developed a threat-led, outcomes-driven program that balances innovation with protections across matchdays, e-commerce, and digital…

Read more →

Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use…

Read more →

Kubernetes has moved well past its early adoption phase. The new Komodor 2025 Enterprise Kubernetes Report shows that technical teams are shifting their focus from running containers to managing a growing mix of AI workloads and advanced automation practices like…

Read more →

In this Help Net Security video, Brittany Allen, Senior Trust and Safety Architect at Sift, explores how the rise of AI agents is creating new fraud risks. She explains how these agents, while designed to assist users, can unintentionally help…

Read more →