framework
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
NVIDIA research shows how agentic AI fails under attack
Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class of systems also …
CISOs are questioning what a crisis framework should look like
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent …
Attackers keep finding new ways to fool AI
AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked to …
DeepTeam: Open-source LLM red teaming framework
Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an …
The confidence trap holding security back
Security leaders often feel prepared for a major cyber incident, but performance data shows a different reality. Teams continue to miss key steps during practice scenarios, …
Protecting mobile privacy in real time with predictive adversarial defense
Mobile sensors are everywhere, quietly recording how users move, tilt, or hold their phones. The same data that powers step counters and activity trackers can also expose …
Healthcare security is broken because its systems can’t talk to each other
In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With …
A new way to think about zero trust for workloads
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for …
Everyone’s adopting AI, few are managing the risk
AI is spreading across enterprise risk functions, but confidence in those systems remains uneven, according to AuditBoard. More than half of organizations report implementing …
A safer way to break industrial systems (on purpose)
Cybersecurity teams often struggle to test defenses for industrial control systems without risking disruption. A group of researchers from Curtin University has developed a …