Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
business
Reading between the lines of a cyber insurance policy

Enterprises in regulated industries often carry cyber insurance policies because contracts require it or boards ask for documented risk transfer. The global market for these …

email
Finance phishing works because it sounds boringly normal

Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for …

authentication
Only 28% of financial workforce MFA is phishing-resistant

Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to a new …

face
Financial groups lay out a plan to fight AI identity attacks

Generative AI tools have brought the cost of deepfake production low enough that criminals and state-sponsored actors now use them routinely against financial institutions. A …

Microsoft 365 phishing
EvilTokens ramps up device code phishing targeting Microsoft 365 users

Security researchers report a notable increase in device code phishing activity aimed at Microsoft 365 users, and have attributed this rise to the availability of EvilTokens, …

F5
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)

A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US …

call center
Consumers feel less judged by AI debt collectors

Debt collection agencies are starting to use automated voice systems and AI-driven messaging to handle consumer calls. These systems help scale outreach, reduce call center …

Notepad++
How state-sponsored attackers hijacked Notepad++ updates

UPDATE: Notepad++ supply chain attack: Researchers reveal details, IoCs, targets Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by …

key
A new framework helps banks sort urgent post-quantum crypto work from the rest

Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out …

financial crime
Banks built rules for yesterday’s crime and RegTech is trying to fix that

Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with …

fraud
Criminal networks industrialize payment fraud operations

Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale …

Paul J. Mocarski
When every day is threat assessment day

In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools