Criminal networks industrialize payment fraud operations
Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale …
New “HashJack” attack can hijack AI browsers and assistants
Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or …
Small language models step into the fight against phishing sites
Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan …
How an AI meltdown could reset enterprise expectations
In this Help Net Security interview, Graham McMillan, CTO at Redgate Software, discusses AI, security, and the future of enterprise oversight. He explains why past incidents …
What insurers really look at in your identity controls
Insurers judge organizations by the strength of their identity controls and by how consistently those controls are applied, according to a new Delinea report. CISOs are …
How one quick AI check can leak your company’s secrets
In this Help Net Security video, Dinesh Nagarajan, Global Partner, Cyber Security Services at IBM Consulting, walks through a situation in which an employee shared production …
Convenience culture is breaking personal security
AI is changing how scams are built, shared, and trusted. A new global survey from Bitdefender shows how far the problem has spread. AI is helping scams evolve faster than …
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s …
BlueCodeAgent helps developers secure AI-generated code
When AI models generate code, they deliver power and risk at the same time for security teams. That tension is at the heart of the new tool called BlueCodeAgent, designed to …
The confidence trap holding security back
Security leaders often feel prepared for a major cyber incident, but performance data shows a different reality. Teams continue to miss key steps during practice scenarios, …
Metis: Open-source, AI-driven tool for deep security code review
Metis is an open source tool that uses AI to help engineers run deep security reviews on code. Arm’s product security team built Metis to spot subtle flaws that are often …
What security pros should know about insurance coverage for AI chatbot wiretapping claims
AI-powered chatbots raise profound concerns under federal and state wiretapping and eavesdropping statutes that is being tested by recent litigation, creating greater exposure …
Featured news
Resources
Don't miss
- Earbud sensors can authenticate users by their heartbeat, study finds
- AI is drowning software maintainers in junk security reports
- Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
- Attackers accessed, downloaded code from Grafana Labs’ GitHub
- The AI backdoor your security stack is not built to see