Building a mature automotive cybersecurity program beyond checklists
In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing …
Chekov: Open-source static code analysis tool
Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code …
GPT needs to be rewired for security
LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and …
The energy sector is ground zero for global cyber activity
A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How …
Biotech platforms keep missing the mark on security fundamentals
A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than …
Underwriting is shifting to AI-driven, real-time decisions by 2030
Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new …
North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.
North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a …
Google Drive for desktop will spot, stop and remedy ransomware damage
Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and …
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts
Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …
Hackers love LOTL, this approach shuts them down
Every time cyber defenders and companies discover new ways to block intrusions, attackers change their tactics and find a way around the defenses. “Living off the …
A2AS framework targets prompt injection and agentic AI security risks
AI systems are now deeply embedded in business operations, and this introduces new security risks that traditional controls are not built to handle. The newly released A2AS …
Biometric spoofing isn’t as complex as it sounds
Biometric technologies were originally designed to improve security and streamline authentication, but they’re often misused in ways most people don’t notice. Like any system, …
Featured news
Resources
Don't miss
- Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
- Microsoft blocks risky file previews in Windows File Explorer
- Building trust in AI: How to keep humans in control of cybersecurity
- Researchers expose large-scale YouTube malware distribution network
- Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)