framework
EU tightens cybersecurity rules for tech supply chains
The European Commission has proposed a new cybersecurity package aimed at strengthening the EU’s cyber resilience, including a revised EU Cybersecurity Act designed to secure …
Security leaders push for continuous controls as audits stay manual
Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap …
CISO Assistant: Open-source cybersecurity management and GRC
CISO Assistant is an open-source governance, risk, and compliance (GRC) platform designed to help security teams document risks, controls, and framework alignment in a …
Weak enforcement keeps PCI DSS compliance low
Payment card breaches continue to surface across industries, even after years of investment in security standards. A new study links this pattern to enforcement, showing that …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
NVIDIA research shows how agentic AI fails under attack
Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class of systems also …
CISOs are questioning what a crisis framework should look like
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent …
Attackers keep finding new ways to fool AI
AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked to …
DeepTeam: Open-source LLM red teaming framework
Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an …
The confidence trap holding security back
Security leaders often feel prepared for a major cyber incident, but performance data shows a different reality. Teams continue to miss key steps during practice scenarios, …
Protecting mobile privacy in real time with predictive adversarial defense
Mobile sensors are everywhere, quietly recording how users move, tilt, or hold their phones. The same data that powers step counters and activity trackers can also expose …
Healthcare security is broken because its systems can’t talk to each other
In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With …
Featured news
Resources
Don't miss
- Dutch police disrupts botnet composed of 17 million devices
- New infostealer reaches enterprise devices through FortiClient EMS vulnerability
- LinkedIn-themed phishing abuses Adobe’s A/B testing platform
- The behavioral signals that sharpen Trojan malware detection
- Zapier exploit chain shows how known anti-patterns compose into critical risk