Category: Help Net Security

Cybersecurity has long suffered from a people problem, but not in the way we often hear about. As industry that is based on enabling communication across the globe via the internet and many types of devices, many of us practitioners…

Read more →

In this Help Net Security video, Jay Miller, CISO at Paessler, explains how security leaders can communicate technical risk to executives and board members in terms they understand. The focus is on business impact: financial loss, compliance fines, reputation damage,…

Read more →

Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses…

Read more →

Android Malware Research Director Alice | Israel | On-site – View job details As an Android Malware Research Director, you will establish operational processes, workflows, and quality standards for the team, while integrating the function into existing infrastructure. You will…

Read more →

RSAC 2026 Conference marked a return to form, more vibrant and better attended than any show I can recall over the past decade. The audience was distinctly international, with strong representation from North America, Europe and Latin America, and it…

Read more →

TeamPCP’s destructive run of supply chain breaches has stopped, for now: it has been three days since the group published malicious versions of Telnyx’s SDK on PyPI, and there haven’t been reports of new open-source project compromises. Partnership with emerging…

Read more →

Diligent launched of Third-Party Risk Intel, an agentic due diligence and intelligence solution that automates the most time-consuming steps of third-party reviews, delivering up to 80% time savings for compliance, legal, and procurement teams. The launch builds on the company’s…

Read more →

Coro has announced new Model Context Protocol (MCP) capabilities that extend its AI-driven security platform beyond the Coro interface, allowing users to access, analyze, and take action on security data directly from tools like ChatGPT, Claude, and other AI environments.…

Read more →

IPVanish launched Threat Protection Pro, a new feature for Windows and macOS that is designed to provide always-on digital security. Threat Protection Pro is powered by cybersecurity technology from VIPRE, bringing over 25 years of threat intelligence and security expertise…

Read more →

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and…

Read more →

The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were taken from the…

Read more →

The European Commission confirmed that a cyberattack impacted cloud infrastructure hosting its web presence on the Europa.eu platform. Authorities said the cyberattack was discovered on 24 March, and early findings from the ongoing investigation suggest data were taken from the…

Read more →

Google introduced a suite of location privacy features in Android 17 Beta 3 to give users more control and provide developers with tools for data minimization and product safety. Location button overview Android 17 introduces a new UI element called…

Read more →

Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00 with a new long-term…

Read more →

I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most security leaders will face is not identifying a threat, but getting…

Read more →

Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that…

Read more →

Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the host. The SandboxEscapeBench benchmark, developed by researchers at the University of…

Read more →

People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are often unclear. Researchers reviewing government cybersecurity advice in 11 countries found that most guidance focuses on prevention,…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpins nearly every network connection an organization makes, yet…

Read more →

A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities catalog…

Read more →