Category: Help Net Security

AppGate announced the launch of Agentic AI Core Protection, a new capability within AppGate ZTNA designed to secure AI workloads deployed in enterprise core environments across on-prem and cloud venues. This innovation enables organizations to embrace AI-driven transformation while maintaining…

Read more →

Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure and evaluates their effectiveness against critical vulnerabilities, CVEs, and AI-driven threats.…

Read more →

ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as LongNosedGoblin, has targeted government institutions in Southeast Asia and Japan with…

Read more →

Concentric AI announced expanded Private Scan Manager functionality in its Semantic Intelligence data security governance platform. Customers now have the ability to deploy Semantic Intelligence within their own private Microsoft Azure cloud. This follows an announcement earlier this year where…

Read more →

Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser, preventing them from…

Read more →

In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why stations remain a focal point for security efforts. He notes that many…

Read more →

Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads appear based on users’ private attributes. At the same time, multimodal LLMs have lowered the barrier for turning these hidden…

Read more →

If you’re looking for holiday gift ideas, books remain one of the simplest ways to spark curiosity and support someone’s growth. Whether the person on your list is exploring cybersecurity, AI, engineering, or career development, these titles offer something useful…

Read more →

AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that access to AI should be treated as an intergenerational civil right,…

Read more →

A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November 2025, Cisco Talos researchers have shared. “Our analysis indicates that appliances with non-standard configurations (…)…

Read more →

SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the provided hotfix, as the flaw is being leveraged by attackers. “This vulnerability was reported to be…

Read more →

Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers warned on Tuesday. Configuration files can expose information about the…

Read more →

XM Cyber announced an update to its platform that connects External Attack Surface Management with internal risk validation, closing the gap between what’s exposed outside and what exists inside. By bridging these two worlds, XM Cyber now allows security teams…

Read more →

Trellix announced Trellix NDR innovations, strengthening OT-IT security with integrated visibility across complex environments, enhanced detection capabilities, and automated investigation and response to reduce the threat detection-to-response gap. “We know cybercriminals are increasingly targeting the OT-IT boundary, where threats can…

Read more →

Vectra AI redefines hybrid attack resilience across the full attack lifecycle by unifying controls pre-and-post compromise within the Vectra AI Platform. Vectra AI’s control philosophy empowers defenders with continuous control through proactive threat exposure management, 360 degree response, and posture…

Read more →

Hadrian launched the latest iteration of its offensive Agentic AI Platform, designed to take an offensive approach to find external exposures and test them for exploitability. Instead of waiting for attacks to happen, Hadrian’s AI agents act like hackers themselves,…

Read more →

Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what happens after those reports arrive and explains why remediation so often stops short. The…

Read more →

Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with schemes that shift through accounts, intermediaries, and digital channels. A new academic…

Read more →

Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, virtual machines, applications, services, databases, websites, and cloud resources. For cybersecurity professionals, this visibility matters because…

Read more →

In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work as an incident responder, engagement manager, and ransomware negotiator, he…

Read more →