Category: Help Net Security

The OpenID Foundation (OIDF) has approved three Final Specifications, establishing the first global standards for real-time security event sharing across digital identity systems. The approved Final Specifications are: OpenID Shared Signals Framework 1.0 – Enables secure, real-time delivery of security…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Most enterprise AI use is invisible to security teams Most enterprise AI activity is happening without the knowledge of IT and security teams. According to…

Read more →

ImmuniWeb has released a free online tool that checks whether websites are protected by post-quantum cryptography (PQC). The tool analyzes SSL/TLS configurations and verifies their compliance with the latest quantum-resilient encryption standards from NIST. It also checks for adherence to…

Read more →

Astra Security has launched its API Security Platform, designed to identify undocumented, zombie, and shadow APIs that threaten infrastructure and expose sensitive PII. Instead of relying on reactive, siloed detection tools, Astra’s platform delivers proactive, automated protection against attackers exploiting…

Read more →

Tigera announced a new solution to secure AI workloads running in Kubernetes clusters. Due to the resource-intensive and bursty nature of AI workloads, Kubernetes has become the de facto orchestrator for deploying them. However AI workloads introduce security challenges, throughout…

Read more →

LLMs are moving fast from experimentation to daily use in cybersecurity. Teams are starting to use them to sort through threat intelligence, guide incident response, and help analysts handle repetitive work. But adding AI into the decision-making process brings new…

Read more →

ESET Research has discovered evidence of collaboration between the Gamaredon and Turla threat groups. Both groups are linked to Russia’s primary intelligence agency, the FSB, and were found working in tandem to target high-profile organizations in Ukraine. In these attacks,…

Read more →

Cyber-physical systems are getting harder to protect as the business landscape keeps shifting. Economic pressures, supply chain changes, and new regulations are creating more openings for attackers while complicating how organizations manage security. A new report from Claroty, based on…

Read more →

Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past defenses,…

Read more →

In this Help Net Security video, Matt Cooper, Director of Governance, Risk, and Compliance at Vanta, discusses the EU’s Digital Operational Resilience Act (DORA) and its effects six months after it went into effect. DORA is the first EU-wide framework…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Absolute Security, Catchpoint, Nagomi Security, Neon Cyber, and QuSecure. Absolute Security Rehydrate restores compromised endpoints Rehydrate delivers business continuity endpoint restoration through a fully remote,…

Read more →

Between attackers exploiting 0-day and n-day vulnerabilities in the company’s firewalls and Secure Mobile Access appliances, SonicWall and its customers have had a tough year. And, unfortunately for them, the troubles are not over: unknown attackers have managed to brute-force…

Read more →

LinkedIn is making major changes to its User Agreement and Privacy Policy, effective November 3, 2025. Among the most notable updates, the company will now use member data by default to improve its generative AI models, unless users manually opt…

Read more →

Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. “Google is aware that an exploit for CVE-2025-10585 exists in the wild,” the company…

Read more →

Druva released Dru MetaGraph, a secure, tenant-specific, graph-powered foundation for real-time data intelligence, and two new DruAI Agents: Insights Agent and Lifecycle Agent. Together, these innovations can help customers uncover insights near-instantly, simplify decision-making, and act across cyber, compliance, and…

Read more →

QuSecure launched QuProtect R3, an integrated, production-ready PQC platform designed to simplify encryption modernization for everyone. With the platform’s Reconnaissance innovation, a complimentary module for qualified companies, QuProtect R3 delivers visibility into vulnerable encryption across modern, legacy and cloud systems.…

Read more →

Gurucul released its AI Insider Risk Management (AI-IRM) product, which extends autonomous triage, bias-free risk scoring, context-rich investigation, and human-AI collaboration to automate response workflows directly within insider risk operations. Organizations face a rise in insider threats, from employees, contractors…

Read more →

Catchpoint released two AI-powered capabilities designed to simplify digital resilience for critical applications: Catchpoint Root Cause Analysis (RCA) and Catchpoint Advisor, which improve monitoring posture and bring immediate insights into IT incidents, ending the guesswork. With IT teams facing challenges…

Read more →

Absolute Security released Rehydrate, empowering enterprises to recover from IT or cyber incidents remotely and at scale to minimize operational downtime. Enterprises with business operations that have been stopped by Windows PCs made inoperable by cyberattacks, ransomware strikes, and IT…

Read more →

Ping Identity announced a new AI framework designed to close the trust gap created by the rise of AI agents, along with AI-powered assistants that boost administrator productivity. This framework makes verifiable trust a foundation of every digital interaction, helping…

Read more →