Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
compliance
Half the defense base still builds security around compliance

CMMC requirements are appearing in defense contracts and moving down through supplier networks to thousands of companies new to this kind of compliance work. Many run on …

malware
Mystery hackers use novel SharkLoader dropper against governments, software devs

Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple …

Fortinet
74,000 Fortinet firewall credentials exposed in FortiBleed data leak

A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The …

critical infrastructure cyber safety
The checklist problem behind critical infrastructure cyber safety

An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from …

eye
Chinese hackers breached North American research institutions via REDCap servers

A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent …

Military
Proving what a military AI model will do is the real problem

Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI …

CISA
CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches …

US Department of Justice
FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort

Federal authorities have seized 13 internet domains allegedly used to target current and former U.S. government employees and military personnel with access to classified and …

France
French government messaging platform breached through account hijacking

French authorities are investigating a compromise of Tchap, the government’s secure messaging platform, after hackers hijacked a user account and gained access to public …

SolarWinds
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and …

Antonija Vojnović
EU organizations buckle under rising compliance pressure

Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is …

lock
US states step up cyber defenses to protect local communities

U.S. state governments are taking on a larger role in cybersecurity to help protect local communities and essential services. Many states are building state-led cyber defense …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools