Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Rustinel
Rustinel: Open-source endpoint detection for Windows and Linux

Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed …

Foundations of Cybersecurity, 2nd Edition
Review: Foundations of Cybersecurity, 2nd edition

Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data center servers to …

Claude Firefox
What Mozilla learned running an AI security bug hunting pipeline on Firefox

Over the past several months, Mozilla ran an agentic harness powered by Claude Mythos Preview across Firefox’s source code, identifying 271 security bugs that were fixed …

button
One keypress is all it takes to compromise four AI coding tools

Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The …

MCP Python Hooks
Open-source MCP server monitoring for Python apps

Pythonic Model Context Protocol servers handle tool calls, session events, module imports, and subprocess activity. BlueRock has released MCP Python Hooks, an open source …

AIMap
AIMap: Open-source tool finds and tests exposed AI endpoints

Public-facing Ollama servers, MCP endpoints, and inference proxies have multiplied across the internet over the past year, often deployed without authentication or rate …

LinkedIn
LinkedIn job scams push most pros to verify roles before applying

Questioning whether a job posting is genuine has become part of the application routine for most professionals. 72% stop to consider the legitimacy of a role at least …

Android verification
Google expands Android Binary Transparency to counter supply chain attacks

Supply chain attacks on mobile software have grown alongside the expanding role of phones in daily life, from payments to government IDs to AI features. Google is responding …

security operations
Cutting the cost of SIEM rule conversion

You inherit two thousand detection rules from an acquisition. They are written for a platform your company does not use. Your senior detection engineer estimates six months to …

AWS Rex
AWS open sources Trusted Remote Execution to control what AI agents touch

Production scripts that read a log file generally hold the same permissions as scripts that delete one. The execution context decides what gets touched, and that gap widens …

Pipelock
Pipelock: Open-source AI agent firewall

AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one …

watch
Your work apps are quietly handing 19 data points to someone

Office work in 2026 runs through a stack of mobile apps that sit on the same phones people use for banking, messaging family, and tracking their location. Ten of the most …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools