automation
Automation can’t fix broken security basics
Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why …
When every day is threat assessment day
In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. …
Autonomous AI could challenge how we define criminal behavior
Whether we ever build AI that thinks like a person is still uncertain. What seems more realistic is a future with more independent machines. These systems already work across …
Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story
In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, …
PortGPT: How researchers taught an AI to backport security patches automatically
Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as …
Google says 2026 will be the year AI supercharges cybercrime
Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged …
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain …
3 DevOps security pitfalls and how to stay ahead of them
In this Help Net Security video, Dustin Kirkland, SVP of Engineering at Chainguard, explores three of the most pressing DevOps security issues engineers encounter: unpatched …
GPT needs to be rewired for security
LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and …
LLMs can boost cybersecurity decisions, but not for everyone
LLMs are moving fast from experimentation to daily use in cybersecurity. Teams are starting to use them to sort through threat intelligence, guide incident response, and help …
CISOs brace for a new kind of AI chaos
AI is being added to business processes faster than it is being secured, creating a wide gap that attackers are already exploiting, according to the SANS Institute. The scale …
Automated network pentesting uncovers what traditional tests missed
Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly …
Featured news
Resources
Don't miss
- Security work keeps expanding, even with AI in the mix
- Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
- Google disrupts proxy network used by 550+ threat groups
- eScan AV users targeted with malicious updates
- Google agrees to pay $135 million over Android data harvesting claims