Tag: Help Net Security

Qwiet AI has unveiled updates to its application security platform. These updates, which include expanded integrations across Azure DevOps, Azure Boards, and GitHub, and the introduction of new AI-powered AutoFix capabilities and an enhanced user experience, are set to revolutionize…

Read more →

Unit21 has launched its Build Your Own Agent (BYOA) for banks, credit unions, and fintechs. The product enables risk and compliance teams to automate fraud and AML tasks, turning hours of manual data gathering, sorting and sifting into just minutes…

Read more →

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server (PMS) is software that…

Read more →

AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. In this Help Net Security video, Matt Hillary, CISO at Drata, look at…

Read more →

A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first step. The real risk comes from how quickly one weakness in an AI…

Read more →

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches vulnerabilities Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source…

Read more →

Doppel has introduced a new product called Doppel Simulation, which expands its platform for defending against social engineering. The tool uses autonomous AI agents to create multi-channel simulations that mirror how attackers operate across email, SMS, messaging apps, and soon…

Read more →

Both domestic and foreign technology companies collect vast amounts of Americans’ personal data through mobile applications, according to Incogni. Some apps leverage data for marketing and advertising purposes, feeding algorithms to calculate optimal prices based on consumer behavior, often leading…

Read more →

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and…

Read more →

SpyCloud released the Consumer IDLink solution, designed to help financial institutions and other consumer-facing organizations reduce risk and prevent fraud stemming from consumer identity exposures. Consumer IDLink, delivered via API, uses SpyCloud’s proprietary identity matching analytics to unify fragmented identity…

Read more →

CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infrastructure Security Agency (CISA),…

Read more →

Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending against advanced persistent threats, protecting the agricultural supply chain requires a layered, collaborative approach. In this…

Read more →

Anyone who has set up a smart home knows the routine: one app to dim the lights, another to adjust the thermostat, and a voice assistant that only understands exact phrasing. These systems call themselves smart, but in practice they…

Read more →

The energy sector remains a major target for cybercriminals. Beyond disrupting daily routines, a power outage can undermine economic stability and public safety. Rising demand for electricity, fueled by technology and digital growth, only adds to the sector’s vulnerability. A…

Read more →

In this Help Net Security video, Michael Burch, Director of Application Security at Security Journey, explains how organizations can build a secure AI culture. He highlights the risks of banning AI outright, the dangers of shadow AI, and practical steps…

Read more →

Sr. Cybersecurity Analyst Aecon Group Inc. | USA | On-site – View job details As a Sr. Cybersecurity Analyst, you will lead cybersecurity and compliance efforts within construction operations, particularly those involving federal contracts and infrastructure projects. Senior Manager, Technology…

Read more →

ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users…

Read more →

Cloudflare announced new capabilities for Cloudflare One, its zero trust platform, designed to help organizations securely adopt, build and deploy emerging generative AI applications. With these new features, Cloudflare is giving customers the ability to automatically understand, analyze and set…

Read more →

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers are…

Read more →

Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that can spot subtle patterns…

Read more →