Artificial intelligence
Measuring security performance in real-time, not once a quarter
Most organizations have invested heavily in security products over the past decade. The assumption embedded in that spending is that more tools equal better protection. Tim …
Your AI agents are moving sensitive data. Do you know where?
In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry …
Fake AI songs streamed billions of times, netting fraudster $10 million
Michael Smith, 54, of Cornelius, North Carolina, has pleaded guilty in federal court to running a scheme that exploited music streaming platforms and diverted royalty payments …
AI got it wrong with high confidence. Now what?
In this Help Net Security interview, Christian Debes, Head of Data Analytics & AI at SPRYFOX, talks about the growing gap between what AI models do and what their …
Big tech companies step in to support the open source security ecosystem
Backed by new funding commitments from major technology players, open source security efforts are moving beyond threat identification toward practical solutions for defenders. …
Microsoft zeroes in on AI-driven data risks in Fabric
New Microsoft Purview innovations for Microsoft Fabric help organizations secure data and accelerate AI adoption. The updates focus on identifying risks, preventing data …
Hidden instructions in README files can make AI agents leak data
Developers rely on AI coding agents to set up projects, install dependencies, and run commands by following instructions in repository README files, which provide setup …
AI coding agents keep repeating decade-old security mistakes
Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities …
ENISA advisory examines package manager security risks
Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside …
Agentic attack chains advance as infostealers flood criminal markets
Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data …
Does Anthropic deserve the trust of the cybersecurity community?
The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when …
Researchers uncover AI-powered vishing platform
A vishing-as-a-service platform that helps scammers carry out so-called “press 1” scams is misusing text-to-speech (TTS) capabilities provided by AI voice …
Featured news
Resources
Don't miss
- Social engineering attacks on open source developers are escalating
- Chaos malware expands from routers to Linux cloud servers
- What managing partners should ask AI vendors before signing any contract
- Anthropic’s new AI model finds and exploits zero-days across every major OS and browser
- Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR