Help Net Security

How Brandolini’s law informs our everyday infosec reality
Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude …

Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025 Black Hat USA 2025 took place at the Mandalay Bay …

August 2025 Patch Tuesday forecast: Try, try again
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed …

Third-party partners or ticking time bombs?
In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust …

Fraud controls don’t guarantee consumer trust
Over a third of companies say they are using AI, including generative AI, to fight fraud, according to Experian. As fraud threats become more complex, companies are …

Top solutions to watch after Black Hat USA 2025
Black Hat USA 2025 was packed with innovation, with companies showing off tools built to get ahead of what’s coming next. From smarter offensive security to new ways of …

Photos: Black Hat USA 2025
Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, …

Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or …

AI can write your code, but nearly half of it may be insecure
While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which …

Open-source server management platform Proxmox VE 9.0 released
Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the …

Cybersecurity and the development of software-defined vehicles
In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, …

Ransomware is up, zero-days are booming, and your IP camera might be next
Cyber attackers are finding new ways in through the overlooked and unconventional network corners. Forescout’s 2025H1 Threat Review reveals a surge in advanced tactics, …
Featured news
Resources
Don't miss
- Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
- New framework aims to outsmart malware evasion tricks
- Finding connection and resilience as a CISO
- AI isn’t taking over the world, but here’s what you should worry about
- Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations