Category: Help Net Security

Over 1 billion users wear devices for tracking steps, sleep, heart rate, and other personal metrics. These devices collect a continuous stream of sensitive data, often tied to detailed user profiles and companion apps. New Clutch survey data show that…

Read more →

Ivanti has released provisional patches that fix two critical code injection vulnerabilities in Endpoint Manager Mobile (EPMM), one of which (CVE-2026-1281) has been exploited in zero-day attacks and has been added to CISA’s Known Exploited Vulnerabilities catalog. Investigating potential compromise…

Read more →

Google has disrupted Ipidea, a massive residential proxy network consisting of user devices that are being used as the last-mile link in cyberattack chains. “In a single seven day period in January 2026, GTIG observed over 550 individual threat groups…

Read more →

The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer endpoints. The supply chain compromise also resulted in the eScan antivirus…

Read more →

Virtue AI announced AgentSuite, a multi-layer security and compliance platform for enterprise AI agents. Organizations worldwide are deploying agents that modify databases, trigger payments, and access systems containing sensitive information. AgentSuite is the AI-native platform built specifically for this new…

Read more →

France data protection authority CNIL has fined public employment agency France Travail €5 million for failing to ensure the security of personal data of job seekers. Attackers gained access to the organization’s systems through social engineering techniques that targeted accounts…

Read more →

Druva announced the launch of Threat Watch, a zero-touch, automated cloud-native solution for proactive threat monitoring of backup data. Threat Watch is designed to continuously scan backup snapshots to identify dormant threats and indicators of compromise (IOCs), empowering IT and…

Read more →

N-able announced enhanced AI capabilities across its platform to help organizations operate securely, efficiently, and resiliently as AI reshapes both cyberthreats and IT complexity. As AI accelerates the speed, scale, and sophistication of cyberattacks, businesses are struggling to defend themselves.…

Read more →

Microsoft will change how Conditional Access policies are enforced in Microsoft Entra starting March 27, 2026, with a phased rollout continuing through June 2026. The change affects sign-ins through client applications that request only OIDC scopes or a limited set…

Read more →

cside announced the launch of VPN Detection. The new solution enables businesses to detect and manage traffic originating from virtual private networks. As verification laws and content distribution agreements tighten, cside VPN Detection helps address compliance requirements while protecting organizations…

Read more →

Sumsub announced the launch of its AI Agent Verification solution, an approach to controlling AI-driven automation by binding it to a real, verified human identity within Sumsub’s Know Your Agent (KYA) framework. As AI agents and browser-based automation grow in…

Read more →

Tosi customers worldwide gain access to the Tosi Platform, which unifies connectivity, visibility, and security across operational technology environments in every industry, regardless of size or complexity. At the heart of the platform is Tosi Control, a cloud-based console that…

Read more →

Google agrees to pay $135 million to settle a proposed class action lawsuit brought by Android smartphone users over alleged unauthorized cellular data transmissions. After fees and administrative costs are deducted, the remaining settlement funds would be divided among eligible…

Read more →

Our phones hold our most personal details, and we use them everywhere. On the bus, in elevators, and while waiting in line, screens are often visible to people nearby. The closer phones align with daily habits, the more persistent privacy…

Read more →

SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers to upgrade to v2026.1 as soon as possible. The vulnerabilities The WHD vulnerabilities fixed were…

Read more →

Dynatrace announced next-generation Real User Monitoring (RUM) capabilities that deliver unified insights across web and mobile applications. RUM has become essential to understanding how applications perform for real users. But as organizations shift to dynamic, cloud-native, and AI-driven architectures, including…

Read more →

Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, machines, and pipelines…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. OpenAEV: Open-source adversarial exposure validation platform OpenAEV is an open source platform designed to plan, run, and review cyber adversary simulation campaigns…

Read more →

Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, persistence, and a habit of examining how systems behave. Bugcrowd examined who these security…

Read more →

In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day…

Read more →