Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

Mirko Zorz

malware
A single platform powers SIM farm proxy networks across 17 countries

Racks of phones and 4G modems, connected to carrier networks and rented out as commercial mobile proxy services, are operating across at least 94 locations in 17 countries. An …

NGate NFC malware
NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the …

SmokedMeat
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines

Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an …

stress
Workplace stress in 2026 is still worse than before the pandemic

Roughly 40% of employees worldwide said they experienced a lot of stress during the previous day, according to Gallup’s State of the Global Workplace 2026 report, a …

malware
Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug

Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy …

GitHub
GitHub lays out copyright liability changes and upcoming DMCA review for developers

A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be …

Europe
EU cybersecurity standards are at risk if supplier ban passes

Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s …

CISO
The exploit gap is closing, and your patch cycle wasn’t built for this

The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …

Nuno Rodrigues Carvalho
Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what …

Data
Network segmentation projects fail in predictable patterns

Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed …

Idan Habler
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready

In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an …

The Psychology of Information Security
Review: The Psychology of Information Security

Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools