Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

cybersecurity

door
One in four MCP servers opens AI agent security to code execution risk

Enterprise deployments of AI agents lean on two extension mechanisms that introduce risk at different layers of the stack. MCP servers expose deterministic code functions with …

Pipelock
Pipelock: Open-source AI agent firewall

AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one …

find
Spotting third-party cyber risk before attackers do

In this Help Net Security video, Jeffrey Wheatman, SVP and Cyber Strategist at Black Kite, discusses how organizations can identify and manage third-party cyber exposures …

LLM
What researchers learned about building an LLM security workflow

Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any …

LLM red teaming
Automated LLM red teaming gets a learning layer

Automated red teaming of large language models has settled into a familiar pattern over the past two years. An attacker model generates jailbreak attempts against a target …

OpenAI
Time to keep up with AI-driven attacks is narrowing, OpenAI says

OpenAI is outlining a plan to expand access to advanced AI tools for cybersecurity defenders, warning that attackers are already using the technology to scale operations. In …

Scott Schnoll
The Exchange Online security controls organizations keep getting wrong

In this Help Net Security interview, Scott Schnoll, Microsoft MVP for Exchange, breaks down the Shared Responsibility Model, where Microsoft secures the cloud while …

identity
Identity discovery: The overlooked lever in strategic risk reduction

If you ask a CISO what keeps them up at night, the answer usually isn’t “lack of tools.” It’s uncertainty. Uncertainty about what they don’t see. Uncertainty about how far an …

IPFire
Open-source IPFire DNS Firewall blocks malware and phishing at the resolver

The IPFire project shipped Core Update 201 for its 2.29 release line, bringing DNS-layer domain blocking into the open-source firewall distribution. The update replaces two …

arXiv
Even cybersecurity researchers are exposing secrets in their arXiv LaTeX source

Researchers submit papers to arXiv every day, and most of them upload the LaTeX source files alongside the PDF. The preprint service requires source uploads when available, …

ics cybersecurity
ICS intrusion detection has blind spots that complicate plant security

Industrial control systems on plant floors run alongside a growing layer of monitoring software meant to catch intruders before they reach a turbine, a valve, or a chemical …

face
Your IAM was built for humans, AI agents don’t care

Identity and access management was built for a simpler world. One where the hardest problem was a human logging in, and where “Who are you?” was sufficient to …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools