Exposed training apps are showing up in active cloud attacks
Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left …
Unbounded AI use can break your systems
In this Help Net Security video, James Wickett, CEO of DryRun Security, explains cyber risks many teams underestimate as they add AI to products. He focuses on how fast LLM …
The internet’s oldest trust mechanism is still one of its weakest links
Attackers continue to rely on domain names as an entry point into enterprise systems. A CSC domain security study finds that large organizations leave this part of their …
A new framework helps banks sort urgent post-quantum crypto work from the rest
Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out …
macOS Tahoe improves privacy and communication safety
macOS Tahoe privacy and security features focus on screening unwanted contact, limiting tracking, and keeping more decisions on the device. Most updates run quietly in the …
Microsoft updates the security baseline for Microsoft 365 Apps for enterprise
Microsoft has published version 2512 of its security baseline for Microsoft 365 Apps for enterprise. The baseline documents recommended policy settings for Office applications …
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly …
RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)
Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the …
Check Point Exposure Management unifies threat intelligence, context, and remediation
Check Point announced Check Point Exposure Management, a new approach designed to help organizations defend against attacks by turning fragmented exposure data into …
Cohesity enhances identity resilience with ITDR capabilities
Cohesity has unveiled Identity Threat Detection and Response (ITDR) capabilities that expand its Identity Resilience portfolio, providing a more comprehensive approach to …
EU tightens cybersecurity rules for tech supply chains
The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure …
Vectra AI helps organizations prevent AI-powered cyberattacks
Vectra AI launched the next generation of its flagship platform, purpose-built to protect the AI enterprise by delivering preemptive security and proactive defense against …
Featured news
Resources
Don't miss
- China-linked spies backdoored authentication stack to stay hidden for years
- AI vulnerability discovery is pushing 2026 CVEs toward 66,000
- PhishLumos: Exposing phishing campaigns that evade detection by hiding content
- Onspring CISO on where automated GRC systems fall short
- Open-source CI/CD abuse detector guards against stolen credential attacks