Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Europe
EU cybersecurity standards are at risk if supplier ban passes

Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s …

LLM
Command integrity breaks in the LLM routing layer

Systems that rely on LLM agents often send requests through intermediary routing services before reaching a model. These routers connect to different providers through a …

wireless
Wi-Fi roaming security practices for access network providers and identity providers

Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their …

OpenAI
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers

Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to …

CISO
The exploit gap is closing, and your patch cycle wasn’t built for this

The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …

Nuno Rodrigues Carvalho
Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what …

Microsoft Office
Microsoft ends desktop detour for sensitivity labels in Office web apps

Microsoft is rolling out an update to Office for the web that removes a long-standing limitation around document protection, adding new control to browser-based apps. …

Anthropic
Testing reveals Claude Mythos’s offensive capabilities and limits

Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …

AI
AI adoption is outpacing the safeguards around it

AI is becoming part of professional and private life, reaching mainstream adoption faster than the personal computer or the internet. These systems are tested in reasoning, …

Idan Habler
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready

In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an …

The Psychology of Information Security
Review: The Psychology of Information Security

Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it …

AI agents
29 million leaked secrets in 2025: Why AI agents credentials are out of control

AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools