Tag: Help Net Security

The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security and privacy updates Google has improved location privacy features so users can choose to share…

Read more →

Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst,…

Read more →

Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a service included with iCloud+, Apple’s subscription service. It allows users…

Read more →

Ukraine can now call on emergency cyber support from the European Union during large-scale cybersecurity incidents. The move follows a decision by the Council of the European Union to add the country to the EU Cybersecurity Reserve. The Reserve operates…

Read more →

Fortinet has announced the availability of FortiSOC, a unified, cloud-delivered security operations center (SOC) platform. FortiSOC brings together six security operations functions into a single Software-as-a-Service (SaaS) experience and embeds agentic AI to autonomously investigate and correlate alerts across assets…

Read more →

AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools in their daily work. The catch shows up one layer down. Roughly a…

Read more →

AntiSSRF is an open-source code library from Microsoft that validates URLs and network connections to reduce server-side request forgery (SSRF) risks in web applications. It supports .NET and Node.js applications and is distributed under the MIT license. The library works…

Read more →

Norton 360 Deluxe combines device security, scam detection, web protection, and VPN privacy in a single subscription that covers up to five devices. It is available for Windows, macOS, Android, and iOS. Setup and first impressions After downloading the app…

Read more →

In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He opens with a 3.47 a.m. call: the team cannot confirm whether customer…

Read more →

An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care…

Read more →

Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning came on Monday from threat intelligence…

Read more →

The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation that has been active since…

Read more →

A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, and more. Maliciously…

Read more →

TekStream has announced the launch of TekStream Proactive Cyber Defense, a new expert-operated security service powered by Cosmos, the company’s cyber defense intelligence platform. The launch comes as organizations face a rapidly changing threat landscape shaped by AI-accelerated attacks, autonomous…

Read more →

AppViewX has announced Agent Identity Security, a new product within the AppViewX platform that discovers, governs, secures, and monitors AI agents across the entire enterprise. Agent Identity Security extends AppViewX’s platform, built on a decade of machine identity and PKI…

Read more →

Radware has announced AI Xploit Shield, a new service that provides organizations with protection for their applications and APIs from exploitation of newly discovered vulnerabilities. As emerging frontier AI models like Mythos from Anthropic accelerate vulnerability discovery, organizations face a…

Read more →

Teleport has announced the debut of two foundational capabilities of its Agentic Identity Framework in the public beta of Beams: LLM Proxy and Delegated Identity. These capabilities address a critical gap in how organizations deploy AI agents: the lack of…

Read more →

Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment personas, luring them into cryptocurrency…

Read more →

Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the question…

Read more →

Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling,…

Read more →