Category: Help Net Security

A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and…

Read more →

Beazley Security has announced its Exposure Management product, which delivers continuous, automated discovery and intelligence-driven exposure notifications to help security teams accelerate risk mitigation in an era where AI-assisted attackers have compressed the time between vulnerability disclosure, weaponization, and exploitation.…

Read more →

Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and cybersecurity partners. Takedown of the Tycoon 2FA phishing-as-a-service platform (Source: Europol) Active since August 2023, Tycoon…

Read more →

LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law enforcement operation coordinated by Europol and involving authorities from 14 countries. Police in action (Source:…

Read more →

Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and…

Read more →

In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic commerce,” where AI agents can autonomously make purchasing decisions on behalf of users or organizations. He…

Read more →

AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lead for the…

Read more →

Tufin announced its latest AI-powered innovations, enabling customers to utilize its Unified Control Plane to accelerate issue resolution, reduce operational friction, and limit risk – even as network complexity continues to grow. Security teams face pressure to move faster while…

Read more →

Software security has reached an inflection point as AI development tools increase the volume and velocity of software releases, while AI is also powering the next generation of threat actors driving attack volume and sophistication to new heights. For security…

Read more →

A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing instances that…

Read more →

AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, access, and security workflows that don’t scale. This webinar aims to…

Read more →

Njordium Cyber Group has launched its Vendor Management System (VMS), a platform that eliminates the costly duplication of third-party assessments under Europe’s overlapping regulations. 70% of European organisations suffered a data breach in the past three years, and 77% of…

Read more →

Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content…

Read more →

The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. The new schedule begins with the stable release of Chrome 153 on…

Read more →

ACI Worldwide has launched ACI Connetic for Cards, an integrated card payments suite within ACI Connetic, its cloud-native payments hub. The platform brings together account-to-account payments, card payments, and fraud prevention in one system. ACI’s acquiring, issuing, and ATM and…

Read more →

Arkose Labs has announced the latest release of Arkose Device ID, a solution within the new Arkose Titan platform. It layers AI-driven similarity analysis on top of exact-match identification, enabling recognition of the same device across evolving fingerprints while maintaining…

Read more →

ArmorCode has announced AI Exposure Management (AIEM), delivered on the ArmorCode Agentic AI Platform, as the newest solution in its unified exposure management suite. ArmorCode AIEM is a system of action that provides enterprises with comprehensive visibility and control over…

Read more →

Nitrux 6.0.0, released March 3, 2026, packages several components that security practitioners running Linux workstations will find worth examining: a new hypervisor orchestrator with IOMMU-enforced isolation, a rewritten update system with cryptographic verification, and a recovery mechanism that operates from…

Read more →

ImmuniWeb Discovery has been enhanced with a dedicated Cyber Threat Intelligence (CTI) offering. In addition to detecting customer-specific incidents on the dark web and other locations across the internet, the new CTI capability enables customers to stay continuously informed about…

Read more →

Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth working…

Read more →