Category: Help Net Security

SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers to upgrade to v2026.1 as soon as possible. The vulnerabilities The WHD vulnerabilities fixed were…

Read more →

Dynatrace announced next-generation Real User Monitoring (RUM) capabilities that deliver unified insights across web and mobile applications. RUM has become essential to understanding how applications perform for real users. But as organizations shift to dynamic, cloud-native, and AI-driven architectures, including…

Read more →

Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, machines, and pipelines…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. OpenAEV: Open-source adversarial exposure validation platform OpenAEV is an open source platform designed to plan, run, and review cyber adversary simulation campaigns…

Read more →

Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, persistence, and a habit of examining how systems behave. Bugcrowd examined who these security…

Read more →

In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day…

Read more →

ImmuniWeb has hit another all-time sales record in 2025, while successfully sustaining double-digit year-over-year (YoY) growth and remaining profitable. During 2025, the company announced 4 major updates to the ImmuniWeb AI Platform. All products for web, mobile, and API security…

Read more →

ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app disguised as a chat service that routes conversations through WhatsApp. Behind the romance lure, the…

Read more →

OPNsense, the open-source firewall and network security platform, reached version 26.1, adding a range of updates affecting management, traffic visibility, automation interfaces, and core services. Changes in firewall management and APIs Version 26.1, code-named Witty Woodpecker, introduces revisions to the…

Read more →

Veracode announced significant platform innovations introduced through the second half of 2025. Headlining the release is Package Firewall, a preventive control for software supply chains, advancing the company’s mission to help organizations run secure software from code to cloud. With…

Read more →

State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain often…

Read more →

MIND announced DLP for Agentic AI, a data-centric approach to AI security designed to help organizations safely achieve the business value of agentic AI by ensuring sensitive data and AI systems interact safely and responsibly. Agentic AI can autonomously create,…

Read more →

Rein Security emerged from stealth to address blind spots in application and AI security. Building on an initial $8 million seed round led by Glilot Capital, Rein delivers a patent pending technology that provides real-time context and protection inside application…

Read more →

France intends to phase out non-European videoconferencing platforms such as Zoom and Microsoft Teams from its public administration, opting instead for a nationally developed solution due to security considerations. Ending the use of paid software licenses is expected to generate…

Read more →

Teams using automation platforms are starting to treat conversational AI as another operational interface. That change is reflected in a new feature from n8n, which has introduced a built-in Chat Hub designed to let users interact with AI models and…

Read more →

McAfee announced upgrades to Scam Detector that improve protection across common scam channels. The enhanced tool helps users check QR code safety and identify suspicious direct messages across apps. In 2025, according to McAfee’s 2026 State of the Scamiverse report,…

Read more →

Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior within a single workflow, FortiCNAPP…

Read more →

Cloudbrink has expanded security and performance benefits for AI agents and online AI services. The new AI capabilities are available on the same platform as Cloudbrink’s secure connectivity, allowing companies to secure users, apps, and AI in a more unified…

Read more →

Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the…

Read more →

Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide.…

Read more →