Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
SaaS
OAuth, guest accounts, and weak MFA drive SaaS risk

Organizations often create guest accounts to give contractors, suppliers, and partners temporary access to files and SaaS applications. Many of these accounts remain active …

SSH
Non-interactive SSH attacks dominate after login

Anyone who runs a server with SSH exposed to the internet sees the same pattern in the logs. A steady stream of automated scanners tries to log in, hour after hour, from …

Alysia Johnson
Securing digital keys when your phone unlocks the car

In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand …

China
China-linked spies backdoored authentication stack to stay hidden for years

A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the …

Apple Passwords app
Apple Intelligence can now replace weak passwords without user intervention

Apple’s next generation of Apple Intelligence, the company’s personal intelligence system, expands its capabilities and introduces new security features in Passwords. …

Let's Encrypt
Let’s Encrypt works toward post-quantum certificates at web scale

Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to the web without …

car key
Thieves can pull off keyless car theft in under a minute and here’s how to stop them

A keyless car can be stolen in under a minute. Two people, a pair of cheap radio amplifiers, and a fob sitting on a hallway table inside the house. That is enough. No broken …

Microsoft Entra ID
Microsoft Entra pushes passkeys, tightens identity security

Microsoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero …

Proton Pass
Proton Pass adds monitored credential sharing for AI agents

Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to selected items and …

NFC
The new economics of fraud: Cheaper, faster, more convincing

Scams have become one of the fastest-growing consumer risks, driven by AI-enabled impersonation, social engineering, and sophisticated attack methods, according to Visa’s …

GitProtect.io 2026 DevSecOps threat landscape
7 hard truths security pros should know: 2026 DevOps Threats Report

In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by …

identity
What happens when your identity provider becomes the kill chain

In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools