Category: Help Net Security

Snowflake announced advancements that make data AI-ready by design, enabling enterprises to rely on data that is continuously available, usable, and governed as AI transitions from experimentation into real-world production systems. With new enhancements to Snowflake Postgres, the database now…

Read more →

Mozilla will add a set of controls in Firefox that let users manage and block GenAI features in the desktop browser. The controls will be included in Firefox version 148 on February 24, 2026. “We believe choice is more important…

Read more →

Software development relies on a steady flow of third-party code, automated updates, and fast release cycles. That environment has made the software supply chain a routine point of entry for attackers, with malicious activity blending into normal build and deployment…

Read more →

Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the business can withstand disruption without losing momentum. Why cyber keeps becoming a board…

Read more →

Application Security Engineer Liebherr Group | Germany | Hybrid – View job details As an Application Security Engineer, you will As an Application Security Engineer, you will implement and automate application security testing, perform vulnerability assessments and penetration testing, and…

Read more →

Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer of verification, usually a six-digit code generated by an app on your phone.…

Read more →

Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in these latest…

Read more →

Malwarebytes announced Malwarebytes in ChatGPT, a new way for individuals and small businesses to get fast, trusted security assistance directly within ChatGPT. Users can ask Malwarebytes to check whether something is a scam or spam, tapping into the company’s deep…

Read more →

Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project’s shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software’s maintainer Don Ho confirmed on Monday. The attack timeline In early December…

Read more →

With preparations well underway, Span Cyber Security Arena 2026 is set to return for its third edition, bringing together domestic and international experts in cyber security. As in previous years, the conference is designed for everyone involved in that area…

Read more →

Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy…

Read more →

The NSA has published Phase One and Phase Two of its Zero Trust Implementation Guidelines, providing structured guidance for organizations working to implement zero trust cybersecurity practices. The documents are part of a larger series designed to support adoption of…

Read more →

AI has come a long way in the pentesting world. We are now seeing open-source tools that can genuinely mimic how a human tester works, not just fire off scans. I dug into three of them, BugTrace-AI, Shannon, and CAI,…

Read more →

In this Help Net Security video, Rishi Kaushal, CIO at Entrust, explains how security leaders should talk to the board about cyber risk. He focuses on what matters to board members and what does not. He links cryptography, certificates, and…

Read more →

Software teams building services in JavaScript are adding more layers of defense to handle untrusted file uploads. An open-source project called Pompelmi aims to insert malware scanning and policy checks directly into Node.js applications before files reach storage or business…

Read more →

Most organizations view AI identities through the same lens used for other non-human identities, such as service accounts, API keys, and chatbots, according to The State of Non-Human Identity and AI Security report by the Cloud Security Alliance. AI identities…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: When open science meets real-world cybersecurity In this Help Net Security interview, Matthew Kwiatkowski, CISO at Fermilab, America’s particle physics and accelerator laboratory, discusses where…

Read more →

Microsoft has updated the timeline for transitioning the Microsoft Sentinel experience from the Azure portal to the Microsoft Defender portal from July 1, 2026 to March 31, 2027. The updated schedule extends access by nearly nine months. Microsoft said the…

Read more →

A federal jury in California convicted former Google software engineer Linwei Ding, also known as Leon Ding, on seven counts of economic espionage and seven counts of theft of trade secrets tied to AI technology. Ding faces a maximum sentence…

Read more →

Arkose Labs announced Arkose Titan, a unified platform that protects enterprises from human and AI-powered fraud, scraping and bot attacks. Unlike fragmented point solutions, Arkose Titan provides defense-in-depth through intelligent detection and adaptive mitigation against both traditional and emerging AI…

Read more →