Category: Help Net Security

Codenotary has announced Codenotary Trust, a unified SaaS platform that uses AI to instantly detect, prioritize, and autonomously fix security, configuration, and performance issues, while also providing rollback capabilities. Importantly, the product is designed with the talent shortage in mind…

Read more →

Fideo Intelligence announced an expansion of its dark web monitoring and threat intelligence capabilities to help financial institutions, fintech companies, payment service providers (PSPs), and merchants detect fraud earlier and reduce payment risk. As payment credentials, identity data, and fraud…

Read more →

Push Security has announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. The feature enables organizations to automatically block known-bad extensions from running in employee browsers. Attackers are increasingly turning to malicious browser extensions as…

Read more →

Reclaim Security has raised $26 million in total funding, including a recent $20 million Series A round led by Acrew Capital, with participation from QP Ventures and Ibex Investors. The funding will accelerate the company’s mission to eliminate what many…

Read more →

Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a bug in the Data Collection Agent (DCA) feature of Cisco…

Read more →

Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of People describes a digital ad ecosystem where scam campaigns, malicious redirects, and malware delivery appear alongside…

Read more →

Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for developers, and a program for registered app stores. The rollout begins…

Read more →

A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and…

Read more →

Beazley Security has announced its Exposure Management product, which delivers continuous, automated discovery and intelligence-driven exposure notifications to help security teams accelerate risk mitigation in an era where AI-assisted attackers have compressed the time between vulnerability disclosure, weaponization, and exploitation.…

Read more →

Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and cybersecurity partners. Takedown of the Tycoon 2FA phishing-as-a-service platform (Source: Europol) Active since August 2023, Tycoon…

Read more →

LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law enforcement operation coordinated by Europol and involving authorities from 14 countries. Police in action (Source:…

Read more →

Bank details and intimate moments captured without people realizing they are being recorded are the new privacy nightmare behind the latest tech fashion hit, Meta Ray-Ban smart glasses. A joint investigation by Svenska Dagbladet and Göteborgs-Posten found that footage and…

Read more →

In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic commerce,” where AI agents can autonomously make purchasing decisions on behalf of users or organizations. He…

Read more →

AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lead for the…

Read more →

Tufin announced its latest AI-powered innovations, enabling customers to utilize its Unified Control Plane to accelerate issue resolution, reduce operational friction, and limit risk – even as network complexity continues to grow. Security teams face pressure to move faster while…

Read more →

Software security has reached an inflection point as AI development tools increase the volume and velocity of software releases, while AI is also powering the next generation of threat actors driving attack volume and sophistication to new heights. For security…

Read more →

A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing instances that…

Read more →

AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, access, and security workflows that don’t scale. This webinar aims to…

Read more →

Njordium Cyber Group has launched its Vendor Management System (VMS), a platform that eliminates the costly duplication of third-party assessments under Europe’s overlapping regulations. 70% of European organisations suffered a data breach in the past three years, and 77% of…

Read more →

Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious content…

Read more →