Help Net Security
Week in review: AiTM phishing kit used to hijack AWS accounts, year-long malware campaign targets HR
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Turning expertise into opportunity for women in cybersecurity Speaker …
Passwords, MFA, and why neither is enough
Passwords weren’t enough, so we added MFA. Now MFA isn’t enough either. In this Help Net Security video, Karlo Zatylny, CTO/CISO at Portnox, walks through why each …
Does Anthropic deserve the trust of the cybersecurity community?
The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when …
Zero trust, zero buzzwords: Here’s what it means
In this Help Net Security video, Murat Balaban, CEO of Zenarmor, breaks down zero trust and zero trust network access (ZTNA) without the buzzwords. The video covers why this …
This spy tool has been quietly stealing data for years
ESET researchers have traced the resurgence of Sednit through a modern toolkit built around two complementary implants, BeardShell and Covenant, each relying on a separate …
Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework …
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI …
Why phishing still works today
In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines …
Engineering trust: A security blueprint for autonomous AI agents
AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security …
Webinar: The True State of Security 2026
AI has become the most popular scapegoat in security. While the risk is real, the obsession is costly. Most security failures don’t start with AI. They start with people, …
The vulnerability that turns your AI agent against you
Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access …
Why workforce identity is still a vulnerability, and what to do about it
Most organizations believe they have workforce identity under control. New hires are verified. Accounts are provisioned. Multi-factor authentication is enforced. Audits are …
Featured news
Resources
Don't miss
- Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
- June 2026 Patch Tuesday forecast: Where are the CVEs?
- AgentGG: Open-source agentic SAST scanner
- Thieves can pull off keyless car theft in under a minute and here’s how to stop them
- OAuth marketplace apps keep access after publishers vanish