Spotless compliance evidence can still hide a broken control
In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC …
How NIST fumbled management of the National Vulnerability Database
A US federal watchdog has outlined how the National Institute of Standards and Technology (NIST) failed to effectively manage the growing backlog of unprocessed cybersecurity …
NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward
NIST is overhauling how it manages the National Vulnerability Database (NVD) and switching to a risk-based model that prioritizes “enrichment” of only the most …
Iranian cyber activity hits US energy, water, and government networks
U.S. government agencies on Tuesday warned American organizations about ongoing cyber activity targeting OT and PLC devices, including those manufactured by Rockwell …
NIST updates its DNS security guidance for the first time in over a decade
DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance …
NIST issues guidance on securing smart speakers
Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal …
The quantum clock is ticking and businesses are still stuck in prep mode
Quantum computing is still years away from breaking current encryption, but many security teams are already worried about what happens when that moment arrives. A new report …
Outdated encryption leaves crypto wide open
The cryptocurrency sector faces an existential threat on two fronts: none of the 2,138 web applications and 146 mobile apps tested by ImmuniWeb support post-quantum …
GitHub adds post-quantum protection for SSH access
GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. …
New NIST guide explains how to detect morphed images
Face morphing software can blend two people’s photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure …
NIST finalizes lightweight cryptography standard for small devices
The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. …
CURBy: A quantum random number generator you can verify
NIST and the University of Colorado Boulder have created a public service that delivers random numbers using quantum mechanics. Called the Colorado University Randomness …
Featured news
Resources
Don't miss
- Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
- June 2026 Patch Tuesday forecast: Where are the CVEs?
- AgentGG: Open-source agentic SAST scanner
- Thieves can pull off keyless car theft in under a minute and here’s how to stop them
- OAuth marketplace apps keep access after publishers vanish