Help Net Security

It’s time to secure the extended digital supply chain
Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they …

Silent breaches are happening right now, most companies have no clue
The breaches and ransomware attacks of 2024 highlighted systemic vulnerabilities, demonstrating how third-party and fourth-party dependencies amplify risks across industries, …

CEOs must act now to embrace AI or risk falling behind
While 4 out of 5 CEOs recognize AI’s potential, many worry gaps in their understanding will impact strategic decisions, risking missed opportunities and falling behind …

February 2025 Patch Tuesday forecast: New directions for AI development
February 2025 Patch Tuesday is now live: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) The new year has started with a whirlwind of …

Security validation: The new standard for cyber resilience
Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by …

Evolving uses of tokenization to protect data
Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps …

Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) …

Self-sovereign identity could transform fraud prevention, but…
The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and …

Ghidra 11.3 released: New features, performance improvements, bug fixes
NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to …

Infosec pros struggle under growing compliance
The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in addressing evolving cybersecurity and …

Overconfident execs are making their companies vulnerable to fraud
Cyber fraud (which includes activity such as hacking, deepfakes, voice cloning and highly sophisticated phishing schemes) rose by 14% year over year, according to Trustpair. …

Enterprises invest heavily in AI-powered solutions
AI is driving significant changes in attack sources, with 88% of enterprises observing an increase in AI-powered bot attacks in the last two years, according to Arkose Labs. …
Featured news
Resources
Don't miss
- August 2025 Patch Tuesday forecast: Try, try again
- Third-party partners or ticking time bombs?
- What GPT‑5 means for IT teams, devs, and the future of AI at work
- Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
- SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls