data protection
General Motors to pay $12.75 million over driver data sales
General Motors has agreed to a $12.75 million settlement with California over allegations that it unlawfully sold drivers’ location and behavioral data to brokers, …
Škoda confirms unauthorized access to its online shop
Car manufacturer Škoda discovered that attackers had exploited a vulnerability in its online shop software and gained temporary unauthorized access to the system. What …
US state privacy fines reached $3.425 billion in 2025
State privacy regulators across the United States collected $3.425 billion in privacy-related fines from companies in 2025. Gartner said the upward trend is expected to …
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in …
What managing partners should ask AI vendors before signing any contract
In this Help Net Security interview, Kumar Ravi, Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more …
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of …
Your APIs are under siege, and attackers are just getting warmed up
Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report …
EU Parliament backs extension of CSAM detection rules until 2027
The European Parliament has voted to extend a temporary exemption to EU privacy legislation that allows online platforms to voluntarily detect child sexual abuse material …
Healthcare organizations are accepting cyber risk to cut costs
Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global …
5 years of shifting cybersecurity behavior
Online security is built through routine decisions made across devices and accounts. People choose how to create passwords, how often to reuse them, and how much effort to …
AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities
In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She …
Reddit fined $19.5 million for failing to protect children’s personal data
The UK’s Information Commissioner’s Office (ICO) has fined Reddit $19.5 million after finding that the company failed to use children’s personal information lawfully, exposing …
Featured news
Resources
Don't miss
- Earbud sensors can authenticate users by their heartbeat, study finds
- AI is drowning software maintainers in junk security reports
- Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
- Attackers accessed, downloaded code from Grafana Labs’ GitHub
- The AI backdoor your security stack is not built to see