Category: Help Net Security

An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is an AI-augmented fork of…

Read more →

Cynomi has launched its Third-Party Risk Management (TPRM) module. Delivered as an add-on to the Cynomi vCISO Platform, the new capability integrates vendor risk management into existing service providers’ workflows. The global third-party risk management market, valued at $7.42 billion…

Read more →

Hush Security has raised $11 million in seed funding led by Battery Ventures and YL Ventures. As agentic AI expands, Hush replaces legacy vaults and secrets across the enterprise with just-in-time, policy-driven access controls enforced at runtime. This approach eliminates…

Read more →

You type your email address into a website form but never hit submit. Hours later, a marketing email shows up in your inbox. According to new research, that is not a coincidence. A team of researchers from UC Davis, Maastricht…

Read more →

To succeed in the risk environment, risk, audit, and compliance leaders need to focus on what Gartner calls “reflexive risk ownership.” This is a future state where business leaders don’t just identify and manage risks after they occur, but instinctively…

Read more →

In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He explains how SPF, DKIM, and DMARC work together to prevent email spoofing,…

Read more →

AI is being adopted across industries, but many organizations are hitting the same obstacles, according to Tines. IT leaders say orchestration is the key to scaling AI. They point to governance, visibility, and collaboration as the critical areas executives need…

Read more →

In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He explains why attackers focus on these networks and how their motivations range from corporate espionage to…

Read more →

Coro announced the latest version of its platform. Coro 3.6 leverages AI to transform complex security into easy-to-use security for resource-constrained SMBs. Today, SMBs require a solution to enhance their security posture. Coro’s unified platform ensures that everything works together…

Read more →

Lookout introduces Smishing AI, an AI-powered solution designed to protect enterprises from the growing threat of SMS phishing (smishing) attacks. SMS phishing, commonly called “smishing,” is a cyberattack where fraudsters send misleading text messages to trick people into giving up…

Read more →

On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microsoft this time…

Read more →

Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A new report, based on over…

Read more →

Xage Security has released zero trust platform designed to secure AI environments. Built on the same proven zero trust principles Xage uses to protect critical infrastructure, the platform delivers control over AI data access, tool usage, and multi-agent workflows, eliminating…

Read more →

Perforce Software has expanded its software testing and synthetic data offerings with the introduction of AI-powered synthetic data generation. Delphix AI introduces a new language model embedded into the Delphix DevOps Data Platform, allowing teams to automatically deliver synthetic data…

Read more →

Gigamon has released Gigamon Insights, an agentic AI application purpose-built for network-derived telemetry that will deliver instant guidance for security and IT operations teams. Launching with integrations into SIEM and observability platforms from Elastic and Splunk and cloud services from…

Read more →

DataLocker introduces DL GO, a secure and easy-to-use encrypted USB flash drive, alongside MySafeConsole, a lightweight cloud console that gives individuals and small teams centralized control, without enterprise cost. DL GO safeguards data with AES-256 XTS (FIPS 197) hardware encryption…

Read more →

LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic…

Read more →

Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created every five minutes in 2024, while the European Parliament estimates that 8 million will circulate…

Read more →

Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected, and SIEM rules are running. All good, right? Not so fast. Appearances can be deceiving.…

Read more →

Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws. The survey…

Read more →