research
$100 radio equipment can track cars through their tire sensors
When people consider what might track their movements, they think of smartphone apps, GPS services, or roadside cameras. The tires of a new car rarely enter that equation. …
AI is becoming part of everyday criminal workflows
Underground forums include long threads about chatbots drafting phishing emails, generating code snippets, and coaching social engineering calls. A new study examined …
The hidden security cost of treating labs like data centers
In this Help Net Security interview, Rich Kellen, VP, CISO at IFF, explains why security teams should not treat OT labs like IT environments. He discusses how compromise can …
LLMs change their answers based on who’s asking
AI chatbots may deliver unequal answers depending on who is asking the question. A new study from the MIT Center for Constructive Communication finds that LLMs provide less …
Consumers feel less judged by AI debt collectors
Debt collection agencies are starting to use automated voice systems and AI-driven messaging to handle consumer calls. These systems help scale outreach, reduce call center …
Design weaknesses in major password managers enable vault attacks, researchers say
Can cloud-based password managers that claim “zero-knowledge encryption” keep users’ passwords safe even if their encrypted-vault servers are compromised? …
Apple privacy labels often don’t match what Chinese smart home apps do
Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also …
In GitHub’s advisory pipeline, some advisories move faster than others
GitHub Security Advisories are used to distribute vulnerability information in open-source projects and security tools. A new study finds that only a portion of those …
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can …
One-time SMS links that never expire can expose personal data for years
Online services often treat one-time links sent by text message as low-risk conveniences. A new study shows that these links can expose large amounts of personal data for …
Confusion and fear send people to Reddit for cybersecurity advice
A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these …
Ransomware activity never dies, it multiplies
Ransomware attacks kept climbing through 2025, even as major criminal groups collapsed and reformed. A new study conducted by the Symantec and Carbon Black Threat Hunter Team …
Featured news
Resources
Don't miss
- Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
- FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)
- As AI agents start making purchases, security teams must rethink risk
- Engineering trust: A security blueprint for autonomous AI agents
- Webinar: The True State of Security 2026