Category: Help Net Security

Attackers who probe large language models rarely give up after one refusal. They reframe, build context across turns, adopt personas, and escalate gradually. New research from Cisco’s AI threat intelligence team finds that the safety benchmarks used across the industry…

Read more →

Nudge Security announced that its AI security platform offers discovery of shadow AI agents via the browser, extending its agent discovery capabilities to cover platforms that do not provide a public API for agent identity and inventory. The new browser-based…

Read more →

Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. Pipelock: Open-source AI agent firewall AI coding agents run with shell access, environment variables containing…

Read more →

70% of organizations use GenAI in live environments, and 64% have AI agents in pilot or production deployments. Some of those agents have privileged access to core systems, according to Check Point’s 2026 Cloud Security Report. Confirmed and suspected AI…

Read more →

Canonical released Workshop, a tool that launches sandboxed development environments on Ubuntu with a single command. Environments are configured once and reproduced on different machines, giving teams consistent setups across development workstations and deployment pipelines. A terminal showing the output…

Read more →

Cybercriminals are using AI chatbot interactions alongside poisoned search results to direct users to malicious download sites in an active cryptojacking campaign, Microsoft has warned. The campaign impersonates legitimate software tools such as CrystalDiskInfo, HWMonitor, Display Driver Uninstaller (DDU), FurMark,…

Read more →

The Silent Ransom Group (SRG) is targeting law firms using social engineering techniques and an unusual tactic for cybercriminals: showing up at victims’ offices in person while posing as IT staff, the FBI warns. The group, also known as Luna…

Read more →

Google Cloud introduced AI Threat Defense, an automated cybersecurity platform that combines several of the company’s security assets to find, prioritize, and patch software vulnerabilities at machine speed. The product is aimed at enterprises contending with attackers who use AI…

Read more →

Cogent has launched two new platform capabilities designed to reduce the time between vulnerability disclosure and confirmed remediation. Zero Day Response identifies exposure within minutes of public disclosure, without waiting for scanner signatures. Autonomous Remediation determines the right fix, assesses…

Read more →

Anthropic introduced a security-guidance plugin for Claude Code that reviews code changes for common vulnerabilities and helps Claude identify and fix issues during the same development session. The company says the plugin is designed to catch issues such as injection…

Read more →

eSentire has unveiled new preempt, detect, and respond capabilities within the Atlas Platform, a unified agentic AI platform with purpose-built AI Operatives that work together in a continuous security lifecycle. Controlled autonomy SecOps The Atlas Platform delivers purpose-built and adaptive…

Read more →

Ping Identity announced new capabilities that extend the Ping Identity Platform for the agentic enterprise, where AI agents, automation, and developers increasingly shape how access is managed, governed, and secured across organizations. AI agents are changing both sides of the…

Read more →

Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan…

Read more →

Apple has published its post-quantum cryptography implementations in corecrypto, together with mathematical proofs and verification tools for independent expert evaluation, allowing external researchers to review the work and reproduce the company’s analysis. Post-quantum cryptography is designed to protect encrypted data…

Read more →

Jetico has announced the extension of BestCrypt Data Shelter to include centrally managed enterprise data access control for sensitive files. The solution allows security teams to define and enforce policies governing which applications, processes and users can access protected files.…

Read more →

Franklin Access has launched a three-layer security system integrated into its Wi-Fi routers, delivering enterprise-grade protection for consumers and small businesses. The system runs automatically in the background, blocking millions of malicious websites in real time to protect families, children,…

Read more →

AppOmni has launched Marlin AI to transform how enterprise organizations defend complex SaaS applications. Marlin AI delivers autonomous AI-powered SaaS security that leverages AppOmni’s deep SaaS application observability. It actively correlates SaaS security indicators, performs deep investigations, and guides security…

Read more →

Novee has announced Agentic Fix, an enhancement to its AI penetration testing platform that helps teams move from validating security findings to deploying fixes in a single step. Agentic Fix extends Novee’s platform by generating remediation guidance from the same…

Read more →

Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered…

Read more →

Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, launched its initial open-source release this month. The project ships 235+ scanner modules and an in-process agent runtime called olium that handles autonomous endpoint discovery, attack planning, and…

Read more →