Tag: Help Net Security

Adobe has pushed out an emergency security update for Adobe Acrobat Reader, patching a zero-day vulnerability (CVE-2026-34621) exploited in the wild since November 2025. About CVE-2026-34621 CVE-2026-34621 is a critical prototype pollution vulnerability – a type of vulnerability that occurs…

Read more →

Siemens will present the next generation of its Industrial Automation DataCenter, a custom-configured data center for IT needs in production, expanding its turnkey solution into an AI-ready platform. Structure of the Siemens Industrial Automation DataCenter and its Remote Industrial Operations…

Read more →

On April 7 and 8, Dutch police arrested eight suspects in a nationwide operation targeting users of the VerifTools platform as part of an identity fraud investigation. The suspects, all men aged 20 to 34, are accused of identity fraud,…

Read more →

ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to…

Read more →

In this Help Net Security interview, Art Manion, Deputy Director at Tharros, examines why vulnerability data across repositories stays inconsistent and hard to trust. The problem starts with systems not designed to collect or manage that data well. They introduce…

Read more →

Financial fraud losses in the United States reached $16.6 billion in 2024, up from $4.2 billion in 2020. Behind those numbers is a structural problem: the teams responsible for stopping fraud, fraud investigators and cybersecurity analysts, have historically operated separately,…

Read more →

In this video, John Murray, Senior Vice President of Sales at GlobalSign, explains what’s changing in the certificate industry and what companies need to do about it. Certificate validity periods are shrinking, which means companies will need to rotate certificates…

Read more →

In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and…

Read more →

Trisquel GNU/Linux, a free operating system aimed at home users, small enterprises, and educational centers, released version 12.0. The release, codenamed Ecne, is declared production-ready and builds on the previous version, Aramo, with changes to packaging, the kernel, security, and…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day Cloudflare announced it is targeting 2029 to complete post-quantum security across its…

Read more →

Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malicious page (Source: Jamf) ClickFix for everybody ClickFix is a…

Read more →

A financially motivated hacking group is targeting Canadian employees with a sophisticated campaign designed to covertly redirect their salary payments into attacker-controlled bank accounts, Microsoft researchers discovered. SEO poisoning and malvertising + phishing + AiTM The group, which Microsoft tracks…

Read more →

Google has expanded Gmail client-side encryption to Android and iOS devices, allowing users to engage with their organization’s most sensitive data on mobile devices while ensuring data remains compliant with sovereignty and compliance requirements. This feature is available for Enterprise…

Read more →

Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have extended lifetimes, attackers can access accounts without passwords, then bundle and sell the stolen credentials.…

Read more →

The Apiiro CLI brings the Apiiro platform to your terminal and to your AI coding assistants, giving them six native security capabilities: scanning, risk management, remediation, an AI security analyst (via Apiiro Guardian Agent), AI Threat Modeling, and prompt enrichment.…

Read more →

Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were designed for server security rather than desktop privacy. Objective Development, the Austrian…

Read more →

I just blinked and the first quarter of the year is GONE. Where does the time go? I looked back at my article from last month where I touched on the use of AI and some of the vulnerabilities associated…

Read more →

In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfront, the AI scans datasets for anomalous patterns…

Read more →

Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by researchers at UC Davis, Stanford University, and Maastricht University mapped this process…

Read more →

Instant messaging has been around for decades, but it became widely adopted with the emergence of smartphones. Earlier, communication was limited to basic text messages. Messaging expanded to include photos, videos, and video calls without relying on telecom networks, as…

Read more →