AI has moved into enterprise operations faster than many security programs expected. It is embedded in workflows, physical systems, and core infrastructure. Some AI tools reach hundreds of millions of users each week. Inference costs have fallen 280-fold, but…
Category: Help Net Security
StackHawk adds Business Logic Testing (BLT) to its AppSec platform menu
StackHawk is adding Business Logic Testing (BLT) to its AppSec offerings. StackHawk’s BLT automates the detection of critical authorization flaws that account for 34% of security breaches. Business logic flaws, such as broken object level authorization (BOLA) and broken function…
European police busts Ukraine scam call centers
Law enforcement agencies from several European countries have arrested twelve persons suspected of being involved in scamming victims across Europe, Eurojust announced today. “The fraudsters used various scams, such as posing as police officers to withdraw money using their victims’…
SoundCloud breached, hit by DoS attacks
Audio streaming service SoundCloud has suffered a breach and has been repeatedly hit by denial of service attacks, the company confirmed on Monday. In the days leading up to the confirmation, users accessing SoundCloud through VPNs reported connection failures and…
The messy data trails of telehealth are becoming a security nightmare
In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains why organizations must strengthen data classification and visibility as systems and vendors…
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked at whether LLMs can produce training that helps people spot…
Passwordless is finally happening, and users barely notice
Security teams know the strain that comes from tightening authentication controls while keeping users productive. A new report from Okta suggests this strain is easing. Stronger authentication methods are gaining traction, and many of them let users move through sign…
Product showcase: GlassWire mobile firewall for Android
GlassWire is a free network monitoring and security application for Windows and Android. It lets you see how your system communicates over the internet and local network. The Windows version also offers a Premium tier with advanced features, while the…
Cybersecurity jobs available right now: December 16, 2025
Cybersecurity Senior Manager | Grant Thornton | USA | On-site. As a Cybersecurity Senior Manager, you will lead and perform cybersecurity assessments, including capability, threat and risk, architecture, compliance, and configuration reviews. You will oversee technical security…
What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
The internet stayed busy, brittle, and under constant pressure in 2025. Cloudflare’s annual Radar Year in Review offers a wide view of how traffic moved, where attacks clustered, and what failed when systems were stressed. Cloudflare, which operates a large…
Astra introduces offensive-grade cloud vulnerability scanner to cut noise and prove risk
Astra Security announced the launch of its Cloud Vulnerability Scanner, a new solution designed to help organizations continuously maintain validated cloud security. Cloud infrastructures change constantly as teams create new IAM roles, adjust network rules, and deploy new workloads. Quarterly…
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)
Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop version of Chrome, though at the time…
Kali Linux 2025.4: New tools and “quality-of-life” improvements
OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related to appearance and usability: Kali’s GNOME desktop environment now organizes Kali tools into folders via…
How researchers are teaching AI agents to ask for permission the right way
People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what you want, then let it work through the steps. The hard part is what the…
Prometheus: Open-source metrics and monitoring systems and services
Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps engineers, it has become a common way to track system behavior, spot early warning signs,…
What types of compliance should your password manager support?
Lost credentials and weak authentication controls still sit at the center of many security incidents. IT leaders and CISOs know this problem well. They also know that regulators watch how organizations protect passwords, track access, and document security decisions. That…
Europe’s DMA raises new security worries for mobile ecosystems
Mobile security has long depended on tight control over how apps and services interact with a device. A new paper from the Center for Cybersecurity Policy and Law warns that this control may weaken as the European Union’s Digital Markets…
Manufacturing is becoming a test bed for ransomware shifts
Manufacturing leaders may feel that ransomware risk has settled, but new data shows the threat is shifting in ways that require attention, according to a Sophos report. A global survey of 332 IT and security leaders outlines how attackers are…
Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
40 open-source tools redefining how security teams secure the stack
Open source security software has become a key way for teams to get flexibility, transparency,…
ImmuniWeb enhances AI vulnerability testing and compliance reporting
ImmuniWeb has unveiled a major update to its ImmuniWeb AI Platform, based on ongoing research as well as valuable feedback from customers and partners in over 50 countries. This cumulative Q4 update builds on the Q3 update announced in early…