cybersecurity
AI isn’t one system, and your threat model shouldn’t be either
In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a single risk. He discusses …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
Identity risk is changing faster than most security teams expect
Security leaders are starting to see a shift in digital identity risk. Fraud activity is becoming coordinated, automated, and self-improving. Synthetic personas, credential …
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group …
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as …
The soft underbelly of space isn’t in orbit, it’s on the ground
In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why …
What cybersecurity leaders are reading to stay ahead
If you’re looking for holiday gift ideas, books remain one of the simplest ways to spark curiosity and support someone’s growth. Whether the person on your list is exploring …
Why vulnerability reports stall inside shared hosting companies
Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what …
How exposure management changes cyber defense
In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work …
AI breaks the old security playbook
AI has moved into enterprise operations faster than many security programs expected. It is embedded in workflows, physical systems, and core infrastructure. Some AI tools …
Ro’s CISO on managing data flows in telehealth
In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains …
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked …
Featured news
Resources
Don't miss
- January 2026 Patch Tuesday forecast: And so it continues
- How AI agents are turning security inside-out
- Security teams are paying more attention to the energy cost of detection
- Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
- PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)