Category: Help Net Security

The CISO role has changed significantly over the past decade, but according to John White, EMEA Field CISO, Torq, the most disruptive shift is accountability driven by agentic AI. In this Help Net Security interview, White explains how security leaders…

Read more →

GitHub Security Advisories are used to distribute vulnerability information in open-source projects and security tools. A new study finds that only a portion of those advisories ever pass through GitHub’s formal review process. A large scale view of advisory data…

Read more →

Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also captures guests, neighbors, and other people who never agreed to be…

Read more →

In this Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains what CISA’s Known Exploited Vulnerabilities (KEV) Catalog is and how security teams should use it. He shares his perspective as a former section chief for…

Read more →

A growing number of homelab builders and small server operators are testing an open source operating system that combines basic server management, storage control, and container services under a web interface. MOS is a free modular OS built on a…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: United Airlines CISO on building resilience when disruption is inevitable In this Help Net Security interview, Deneen DeFiore, VP and CISO at United Airlines, explains…

Read more →

The U.S. Department of Justice sentenced the CEO of a multi level marketing and bitcoin trading firm to 20 years in prison after a conviction for wire fraud and money laundering tied to a large scale Ponzi scheme. Court records…

Read more →

Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. “Attackers are abusing get_portal_info to extract the x-ns-company value before establishing a WebSocket channel,” Ryan Dewhurst, Head of Threat Intelligence at…

Read more →

Proofpoint has acquired Acuvity, strengthening its platform with AI-native visibility, governance, and runtime protection for AI and agent-driven workflows. As generative AI reshapes how work gets done, organisations are deploying AI copilots, autonomous agents, and model-connected applications across every function,…

Read more →

OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions of the Codex app, the command-line interface, and the VS Code extension. The…

Read more →

The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have distributed a tool known as JokerOTP, a bot used to intercept one-time passwords (OTPs)…

Read more →

Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and…

Read more →

Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many environments, malicious actors with access to the OT network can impersonate devices, issue unauthenticated commands,…

Read more →

Security teams running Ubuntu in production often delay major OS upgrades until the next point release arrives with accumulated patches and newer hardware support. Ubuntu 24.04.4 LTS is now available as refreshed installation media for Noble Numbat, bundling the latest…

Read more →

Arctic Wolf has announced new endpoint security capabilities for its Managed Service Provider (MSP) partners. The addition of Aurora Managed Endpoint Defense, powered by the Arctic Wolf Aurora Platform, enables partners to deliver stronger customer protection, streamline service delivery, and…

Read more →

Edge computing is spreading fast, from factory floors to remote infrastructure. But many of these systems are hard to maintain once they are deployed. Devices may run old kernels, custom board support packages, or stacks that no one can rebuild…

Read more →

Threat actors are using AI across the attack lifecycle, increasing speed, scale, and adaptability, according to the 2026 State of Cybersecurity report by Ivanti. The study compares perceived threat levels across common attack types with organizational readiness to respond and…

Read more →

Private equity firms have spent years treating cybersecurity as an IT hygiene issue inside portfolio companies. That approach is getting harder to sustain as ransomware, data theft, and regulatory pressure interfere with value creation during the hold period. Has cybersecurity…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Armis, Black Duck, Portnox, and SpecterOps. Armis Centrix brings unified, AI-driven application security to the SDLC Armis has announced Armis Centrix for Application Security, which…

Read more →

Black Duck has announced the availability of a set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) platforms, including GitHub, GitLab, Azure DevOps, and Bitbucket. The Polaris Platform is an integrated, software-as-a-service application security…

Read more →