Category: Help Net Security

Trend Micro has released a critical patch fixing several remotely exploitable vulnerabilities in Apex Central (on-premise), including a flaw (CVE-2025-69258) that may allow unauthenticated attackers to achieve code execution on affected installations. The three vulnerabilities were unearthed and privately reported…

Read more →

Security and operations teams often work with firewall platforms that require frequent tuning or upgrades to meet evolving network demands. IPFire has released its 2.29 Core Update 199, aimed at network and protection teams that manage this open source firewall…

Read more →

Phishing-as-a-Service (PhaaS) kits lower the barrier to entry, enabling less-skilled attackers to run large-scale, targeted phishing campaigns that impersonate legitimate services and institutions, according to Barracuda Networks. Phishing kits grow more sophisticated and scalable Barracuda threat analysts found that in…

Read more →

Security teams spend a lot of time stitching together checks across container images, running workloads, and deployment pipelines. The work often happens under time pressure, with engineers trying to keep clusters stable while meeting internal policy requirements. The StackRox open…

Read more →

Most PCI DSS failures do not start with malware or a targeted attack. They start with everyday behavior. Reused passwords. Credentials stored in spreadsheets. Shared logins are passed around during busy periods. For CISOs, password hygiene remains one of the…

Read more →

In this Help Net Security video, Ashley Rose, CEO at Living Security, discusses how AI is changing insider risk. AI is now built into daily work across departments, which shifts how risk shows up and how security teams should respond.…

Read more →

Many voice protection tools promise to block cloning by adding hidden noise to speech. Researchers at a Texas university found that widely used voice protection methods can be stripped away, restoring speaker identity and allowing fake voices to pass automated…

Read more →

The UK has announced a new Government Cyber Action Plan aimed at making online public services more secure and resilient, and has allocated £210 million (approximately $283 million) to implement it. Setting up a Government Cyber Unit “Cyber attacks can…

Read more →

The Debian Project is asking for volunteers to step in after its Data Protection Team became inactive. All three members of the team stepped down at the same time, leaving no dedicated group to handle privacy and data protection work.…

Read more →

Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts with phishing emails that feature room charge details in euros, which…

Read more →

World Wide Technology (WWT) announced its AI Readiness Model for Operational Resilience (ARMOR), a vendor-agnostic solution, delivered by WWT, leveraging a jointly developed framework with NVIDIA. Refined with real-world feedback from The Texas A&M University System, ARMOR is among the…

Read more →

Hexnode has launched Hexnode XDR, its new extended detection and response platform, taking an important step toward making enterprise-level security more accessible for IT teams of all sizes. The platform brings detection, investigation, and response together in one place, laying…

Read more →

Exabeam announced it is the first to deliver a connected system of AI-driven security workflows to protect organizations from the risks of AI usage and AI agent activity. This release extends the company’s user and entity behavior analytics (UEBA) to…

Read more →

Keysight Technologies introduced Keysight AI Software Integrity Builder, a new software solution designed to transform how AI-enabled systems are validated and maintained to ensure trustworthiness. As regulatory scrutiny increases and AI development becomes increasingly complex, the solution delivers transparent, adaptable,…

Read more →

System level risks can arise when AI agents interact over time, according to new research that examines how collective behavior forms inside multi agent systems. The study finds that feedback loops, shared signals, and coordination patterns can produce outcomes that…

Read more →

European security and compliance teams spend a lot of time talking about regulation. A new forecast report from Kiteworks suggests the harder problem sits elsewhere. According to the report, many European organizations have strong regulatory frameworks on paper, driven by…

Read more →

Security teams track activity that moves well beyond traditional SaaS platforms, with employees interacting daily with generative AI tools, personal cloud services, and automated systems that exchange data without direct human input. These patterns shape how sensitive information moves across…

Read more →

Identity security planning is becoming more focused on scale, governance, and operational strain, according to the Identity Security Outlook 2026 report. The ManageEngine research draws on responses from 515 identity and security leaders in the United States and Canada and…

Read more →

Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into vendor specific firewall syntax usually involves detailed knowledge of zones, objects,…

Read more →

Blokada is a network privacy and ad-blocking application available on Android, iOS, Windows, macOS, and Linux. It is designed to reduce ads, block trackers, and limit unwanted network connections at the system level. Getting started Blokada’s interface is simple. A…

Read more →