Mirko Zorz
Why AI changed the threat model for travel technology
In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across …
AI red teaming agents change how LLMs get tested
Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton …
Communicating cyber risk in dollars boards understand
In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of …
CVE Lite CLI: Open-source dependency vulnerability scanner
Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration …
Earbud sensors can authenticate users by their heartbeat, study finds
Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes …
Vector embedding security gap exposes enterprise AI pipelines
Enterprise adoption of retrieval-augmented generation has moved sensitive corporate content into a new storage format that existing security tools cannot inspect. Companies …
KDE gets over €1 million investment to strengthen security and core infrastructure
European governments and public institutions have been shifting away from proprietary software for years, and the financial infrastructure supporting open-source alternatives …
Sandyaa: Open-source autonomous security bug hunter
Source code auditing has traditionally relied on static analyzers that flag long lists of potential issues, leaving engineers to sort bugs from noise. A new open-source …
Researchers open-source a Wi-Fi cyber range for security training
Wireless security training programs lean heavily on generic network labs, with Wi-Fi appearing as a checkbox alongside Bluetooth, Zigbee, and cellular. Hands-on environments …
Amazon Quick authorization bypass let users reach blocked AI chat agents
Enterprises running Amazon Quick, the AWS business intelligence and agentic AI service, rely on a feature called custom permissions to restrict who inside an account can use …
HEIDI: Free IDE security plugin for open-source vulnerability checks
Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, inside CI/CD systems …
The hidden smart fridge risks that emerge years after purchase
Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not. A new analysis from Erik Buchmann at …
Featured news
Resources
Don't miss
- Microsoft open-sources tools for designing and testing AI agents
- GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
- Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
- Why AI changed the threat model for travel technology
- AI red teaming agents change how LLMs get tested