September 2025

Rayhunter: EFF releases open-source tool to detect cellular spying
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI …

Bots vs. humans? Why intent is the game-changer
In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity …

Old file types, new tricks: Attackers turn everyday files into weapons
Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest …

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The …

Sentra enables organizations to leverage Copilot without compromising security
Sentra launched its solution for securing Microsoft 365 Copilot, enabling organizations to adopt Copilot with confidence while remaining compliant and protecting sensitive …

Neon Cyber exits stealth with Workforce Cybersecurity Platform
Neon Cyber announced its emergence from stealth and unveiled its Workforce Cybersecurity Platform (WCP), delivering protection across browsers, SaaS applications, and …

Digital.ai brings expert-level cryptography to any developer team
Digital.ai released its App Sec White-box Cryptography Agent to simplify application security for developers and help customers ensure that every application requiring …

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents
All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira …

N-able strengthens backup threat protection
N-able has enhanced the capabilities of Cove Data Protection with the launch of Anomaly Detection as a Service (ADaaS). Strengthening Cove’s defense against cyberthreats, this …

GitHub adds post-quantum protection for SSH access
GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. …

Salt Security secures AI agent actions across enterprise APIs
Salt Security introduced a new solution designed to secure the actions AI agents take within the enterprise. As large organizations adopt agentic AI, agents are increasingly …

Building security that protects customers, not just auditors
In this Help Net Security interview, Nir Rothenberg, CISO at Rapyd, discusses global differences in payment security maturity and the lessons that can be learned from leading …