Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
lock
US states step up cyber defenses to protect local communities

U.S. state governments are taking on a larger role in cybersecurity to help protect local communities and essential services. Many states are building state-led cyber defense …

world map
Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets …

OpenHack
OpenHack: Open-source AI-powered vulnerability research

Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new …

money
Boards want cyber risk in dollars, not CVE counts

In this Help Net Security video, Ziv Levi, SVP of Technology at CYE, explains why translating cyber risk into dollars is one of the most pressing tasks for security leaders. …

shadow AI
Turns out the C-suite loves shadow AI

Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, …

cybersecurity week in review
Week in review: GitHub breached via poisoned VS Code extension, critical NGINX flaw exploited

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise …

WordPress
$20 per zero-day is already the WordPress plugin reality

Vulnerability researchers have spent the past year arguing about whether AI agents can find real bugs at scale or whether they mostly generate noise. A pipeline built in three …

keys
Deleted Google API keys keep working for up to 23 minutes, researchers warn

Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make API calls, rack up …

Help Net Security
Kore.ai unveils AI-native platform for enterprise multiagent systems

Kore.ai has launched the new-generation Kore.ai Agent Platform Artemis edition, the AI-programmable, AI-native foundation that builds, governs, and optimizes the agents, …

botnet
Suspected KimWolf botnet admin arrested over DDoS-for-hire operation

U.S. and Canadian authorities arrested and charged a Canadian man accused of operating the KimWolf DDoS botnet, a service linked to attacks that infected more than one million …

Help Net Security
Versa extends zero trust principles to AI agents and MCP workflows

Versa has introduced a patent-pending zero trust architecture for the Model Context Protocol (MCP), applying zero trust principles to AI execution. The company said every …

Help Net Security
GitLab 19.0 adds AI workflows, secrets management, and self-hosted model support

GitLab released GitLab 19.0 with expanded secrets management, agentic merge request workflows, improved CI pipeline visibility, support for self-hosted open-source models, and …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools