Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
malware
HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of …

DMARC
The state of DMARC adoption: What 10M domains reveal

In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He …

Garak
Garak: Open-source LLM vulnerability scanner

LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks …

lock
Fixing silent failures in security controls with adversarial exposure validation

Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, …

CIS_financial_sector_cybersecurity_guide
Download: Cyber defense guide for the financial sector

Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s …

Eye
Are we headed for an AI culture war?

In this Help Net Security video, Matt Fangman, Field CTO at SailPoint, discusses whether an AI culture war is inevitable. He explores the rise of AI agents as a new identity …

DevOps
Cyber defense cannot be democratized

The democratization of AI has fundamentally lowered the barrier for threat actors, creating a bigger pool of people who can carry out sophisticated attacks. The so-called …

week in review
Week in review: Several companies affected by the Salesloft Drift breach, Sitecore 0-day vulnerability

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift …

Patch Tuesday
September 2025 Patch Tuesday forecast: The CVE matrix

September 2025 Patch Tuesday is now live: Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday We work in an industry driven by Common Vulnerabilities …

cybersecurity budgets
Smart ways CISOs can do more with less

In this Help Net Security video, Jill Knesek, CISO at BlackLine, shares practical strategies for CISOs navigating tighter budgets. From maximizing existing tools and vendor …

Outpost24 CyberFlex
CyberFlex: Flexible Pen testing as a Service with EASM

About CyberFlex CyberFlex is an Outpost24 solution that combines the strengths of its Pen-testing-as-a-Service (PTaaS) and External Attack Surface Management (EASM) solutions. …

BruteForceAI
BruteForceAI: Free AI-powered login brute force tool

BruteForceAI is a penetration testing tool that uses LLMs to improve the way brute-force attacks are carried out. Instead of relying on manual setup, the tool can analyze HTML …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools