Category: Help Net Security

Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against…

Read more →

Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A joint paper from the American Bankers Association, the Better Identity Coalition, and the Financial Services…

Read more →

Machine learning models built to catch malware on Windows systems are typically evaluated on data that closely resembles their training set. In practice, the malware arriving on enterprise endpoints looks different, comes from different sources, and in many cases has…

Read more →

Google’s latest research suggests the cryptocurrency industry may have less time than expected to prepare for quantum computing. In a whitepaper, Google examines risks to elliptic curve cryptography, the system securing most blockchain networks. The researchers revisit earlier assumptions about…

Read more →

Pondurance announced MDR Essentials, MDR Essentials, an MDR service providing an autonomous SOC that reduces the time from threat detection to containment by 90%. Threat actors today use AI to attack at machine-speed, making it difficult for traditional cybersecurity solutions…

Read more →

Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to…

Read more →

DoControl announced new capabilities that provide visibility, monitoring, and automated control for Google Gemini Gems, a newly introduced feature within Google Gemini that enables teams to create customizable AI GPTs. With this launch, DoControl is the first platform to provide…

Read more →

Codenotary launched AgentMon, an enterprise-grade monitoring designed specifically for agentic networks, providing organizations with real-time visibility into the security, performance and cost of AI-driven agents operating across the enterprise. As adoption of AI accelerates, agentic systems, semi-autonomous software agents that…

Read more →

Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, a new, specialized phishing toolkit that’s being offered as-a-service via Telegram. What is device…

Read more →

Foxit Software introduced a new capability designed to uncover hidden security risks inside PDFs as part of its latest PDF Editor 2026.1 release for Windows and macOS. The update is led by PDF Action Inspector, a new tool that proactively…

Read more →

Bitdefender has announced the Bitdefender Internal Attack Surface Assessment, a complimentary evaluation that helps organizations identify and reduce hidden internal cyber risks caused by unnecessary user access to applications, tools, and operating system utilities commonly exploited in attacks. The assessment…

Read more →

US prosecutors have charged a Maryland man in connection with two hacks of the Uranium Finance cryptocurrency exchange that led to losses exceeding $50 million. Jonathan Spalletta, also known as “Cthulhon” and “Jspalletta,” is accused of abusing vulnerabilities in Uranium…

Read more →

New research from the 2026 SANS Identity Threats & Defenses Survey shows that 55% of organizations experienced an identity-related compromise last year, while 26% reported MFA fatigue as a factor in identity attacks. Download the report to learn: Why identity…

Read more →

Apple has added a new security feature in macOS Tahoe 26.4 that warns users before they enter commands in Terminal that could cause harm. The goal is to stop ClickFix attacks, a social engineering trick that gets users to run…

Read more →

Microsoft released Windows 11 Insider Preview Build 29558.1000 to the Canary Channel, part of the optional 29500 build series. The build carries a set of changes focused on the Windows Console, a handful of bug fixes, and small improvements to…

Read more →

An unknown attacker has compromised the GitHub and npm accounts of the main developer of Axios, a widely used HTTP client library, and published npm packages backdoored with a malicious dependency that triggered the installation of droppers and remote access…

Read more →

To help prevent malicious actors from spreading harmful apps while hiding behind anonymity, Google is rolling out developer verification to all Android developers. The company is also introducing app registration, which links apps to verified developer identities. Developers can still…

Read more →

Intel engineers have published a centralized repository of data center performance knowledge on GitHub, giving practitioners direct access to tuning guides, configuration recommendations, and optimization recipes that previously required hunting across forums and scattered documentation. The repository, called Optimization Zone,…

Read more →

The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a migration step before upgrade. A…

Read more →

To help organizations minimize the impact of malware attacks on personal computers, Google launched ransomware detection and file restoration in beta in September 2025. These features are now generally available. End user alert in Drive for desktop when ransomware is…

Read more →