Tag: Help Net Security

Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise AirPlay-enabled devices developed and sold by Apple and by other companies. “Because AirPlay is a fundamental piece of software for…

Read more →

Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam preying on renters “Most campaigns are sent from compromised mailboxes belonging to educational…

Read more →

Frontegg launched Frontegg.ai, an identity management platform purpose-built for developers building AI agents. As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. While standards like Anthropic’s…

Read more →

Legit Security has unveiled new functionalities that leverage AI to help security teams more quickly shore up gaps in their AppSec programs. Specifically, Legit now leverages AI to drive advanced discovery for code-to-cloud correlation, increased precision in issues prioritization and…

Read more →

Hewlett Packard Enterprise has announced expansions of HPE Aruba Networking and HPE GreenLake cloud to help enterprises modernize secure connectivity and hybrid cloud operations by blending multi-layered and zero trust approaches to protect against threats. These new expansions include: New…

Read more →

BigID launched AI Data Lineage, a new solution that provides organizations with visibility into how AI models access, process, and utilize data. As organizations increasingly integrate AI into their workflows, understanding the data lineage of AI interactions is critical for…

Read more →

Securonix announced the next phase of Securonix EON, introducing modular GenAI Agents. These specialized, decision-capable agents are designed to perform high-impact jobs to be done (JTBD) across the threat detection, investigation, and response (TDIR) lifecycle. These intelligent security agents represent…

Read more →

Skyhigh Security announced the expansion of its Skyhigh AI offering to include additional data protection solutions for Copilot for Microsoft 365 and ChatGPT Enterprise. This development follows the company’s earlier introduction of Skyhigh AI, an advanced suite of AI-powered capabilities…

Read more →

Torii unveiled Torii Eko, an agentic SaaS Management Platform, ushering in a new era of AI-powered execution for modern software management. Torii Eko includes three intelligent in-platform agents: Eko Assist, available now; and Eko Insight and Eko Act, both coming…

Read more →

Arkose Labs has announced the expansion of its security portfolio with two new offerings: Arkose Edge and Arkose Scraping Protection. These innovations address the growing challenges large enterprises face in securing their complex digital perimeters and protecting valuable content from…

Read more →

Saviynt launched AI-powered Identity Security Posture Management (ISPM) as part of its converged Identity Cloud platform. Saviynt’s ISPM provides actionable insights into an organization’s identity and access posture, offering an intelligent starting point to prioritizing and remediating risks. “As GE…

Read more →

The Ledger Flex is a hardware wallet designed for the secure storage of cryptocurrencies and NFTs. It combines security features with a user-friendly interface, making it suitable for both beginners and more experienced users. Ledger Flex stores your private keys…

Read more →

Trellix announced advancements to Trellix DLP Endpoint Complete, available globally in Q2 2025. New offerings and features incorporate intelligent capabilities to enhance Trellix’s data loss prevention (DLP) solutions, enabling customers to protect sensitive information in non-text file formats, strengthen compliance…

Read more →

The mobile threat landscape has shifted. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. For enterprises, mobile is no longer a secondary risk. It’s now one of the primary attack surfaces. CVE…

Read more →

Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, Villain enhances these shells with added functionality, offering commands and utilities, and allowing for shell sessions sharing across…

Read more →

Adversaries are infiltrating upstream software, hardware, and vendor relationships to quietly compromise downstream targets. Whether it’s a malicious update injected into a CI/CD pipeline, a rogue dependency hidden in open-source code, or tampered hardware components, these attacks bypass traditional defenses…

Read more →

As AI brings about excitement and transformative potential, the report reveals that organizations are forging ahead with innovations despite increased security concerns, according to LevelBlue’s 2025 Futures Report. In fact, just 29% of executives surveyed say they are reluctant to…

Read more →

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up from 37%…

Read more →

Bitwarden launched Access Intelligence, a set of new capabilities that enables enterprises to proactively defend against internal credential risks and external phishing threats. Access Intelligence introduces two core functionalities: Risk Insights, which allows IT teams to identify, prioritize, and remediate…

Read more →

ExtraHop launched all-in-one sensor designed to unify network traffic collection that scales across a number of security use cases. This further advances ExtraHop’s vision to consolidate NDR, network performance monitoring (NPM), intrusion detection (IDS), and full packet forensics into an…

Read more →