August 2025
Noodlophile infostealer is hiding behind fake copyright and PI infringement notices
Attackers pushing the Noodlophile infostealer are targeting businesses with spear-phishing emails threatening legal action due to copyright or intellectual property …
How security teams are putting AI to work right now
AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up …
Buttercup: Open-source AI-driven system detects and patches vulnerabilities
Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place …
Review: Data Engineering for Cybersecurity
Data Engineering for Cybersecurity sets out to bridge a gap many security teams encounter: knowing what to do with the flood of logs, events, and telemetry they collect. About …
Weak alerting and slipping prevention raise risk levels for CISOs
Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped …
Bridging the AI model governance gap: Key findings for CISOs
While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings …
Week in review: 2 threat actors exploiting WinRAR 0-day, Microsoft fixes “BadSuccessor” Kerberos flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) The RomCom …
How military leadership prepares veterans for cybersecurity success
In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans …
Cyber insurance market shows early signs of maturity
The cyber insurance market is entering a new phase of evolution and showing early signs of maturity, according to recent research from Arctic Wolf. Brokers and carriers are …
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers
Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming …
Fighting fraud with AI: The new identity security playbook
In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in …
Employees race to build custom AI apps despite security risks
The latest Netskope findings show a 50% increase in GenAI platform usage among enterprise end-users, driven by growing employee demand for tools to develop custom AI …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM