Category: Help Net Security

Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior within a single workflow, FortiCNAPP…

Read more →

Cloudbrink has expanded security and performance benefits for AI agents and online AI services. The new AI capabilities are available on the same platform as Cloudbrink’s secure connectivity, allowing companies to secure users, apps, and AI in a more unified…

Read more →

Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the…

Read more →

Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide.…

Read more →

Teleport has unveiled the Teleport Agentic Identity Framework, an AI-centered framework that provides organizations with a roadmap for securely deploying agentic AI across production cloud and on-premises environments. The framework will evolve alongside the industry and community needs, defining the…

Read more →

To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed to help users protect their accounts from sophisticated cyberattacks. “We think…

Read more →

Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from exfiltrating sensitive data. RansomSnare is a next-generation ransomware prevention capability that…

Read more →

Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android 16 and later. One update builds on Failed Authentication Lock, a feature introduced in…

Read more →

CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that are often…

Read more →

Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed to GitLab or GitHub, you…

Read more →

Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through…

Read more →

A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by Incogni, which analyzed 442…

Read more →

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked…

Read more →

Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage governance across the enterprise, including SaaS platforms, cloud services, APIs and agents. AI is deeply embedded…

Read more →

A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer installed on…

Read more →

NICE Actimize launched Actimize Insights Network, an intelligence network designed to give financial institutions real-time visibility into counterparty risk. Leveraging insights from its Fraud and Financial Crime network, the Actimize Insights Network delivers the scale and precision needed to prevent…

Read more →

Amazon Web Services has added IPv6 support to IAM Identity Center through new dual-stack endpoints. The update allows identity services to operate over IPv6 networks while continuing to support IPv4. The change applies to access portals, managed applications, and service…

Read more →

Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak investigations, credential exposure, internal fraud and bribery, sensitive data exposure in Teams, and inappropriate…

Read more →

HackerOne announced Agentic Pentest as a Service (Agentic PTaaS), delivering continuous security validation by combining autonomous agent execution with human expertise to ensure every finding reflects exploitable risk that security teams can trust and act on at scale. Enterprise security…

Read more →

NETSCOUT announced new capabilities that further enhance its observability solutions to address critical gaps in remote site management and risks stemming from expired SSL/TLS certificates. New nGeniusONE solution enhancements support real-time deep packet inspection (DPI) over Ethernet or Wi-Fi 7,…

Read more →