Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

brain
New “HashJack” attack can hijack AI browsers and assistants

Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or …

Marina Marceta
Heineken CISO champions a new risk mindset to unlock innovation

In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical …

LLM
Small language models step into the fight against phishing sites

Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan …

Black Friday 2025
Black Friday 2025 for InfoSec: How to spot real value and avoid the noise

Your inbox is probably drowning in Black Friday emails right now. Another “limited time offer” that’ll reappear next month, countdown timer creating …

DeepTeam
DeepTeam: Open-source LLM red teaming framework

Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an …

work
How board members think about cyber risk and what CISOs should tell them

In this Help Net Security video, Jonathan Trull, EVP & CISO at Qualys, discusses which cybersecurity metrics matter most to a board of directors. Drawing on more than two …

key
Popular code formatting sites are exposing credentials and other secrets

Widely used code formatting sites JSONFormatter and CodeBeautify are exposing sensitive credentials, API keys, private keys, configuration files and other secrets, watchTowr …

Tor
Tor Project is rolling out Counter Galois Onion encryption

People who rely on Tor expect their traffic to move through the network without giving away who they are. That trust depends on the strength of the encryption that protects …

Windows Fake Update
Fake “Windows Update” screen fuels new wave of ClickFix attacks

A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery …

Microsoft
Microsoft cracks down on malicious meeting invites

Phishing is shifting into places people rarely check. Meeting invites that plant themselves on calendars can survive long after the malicious email is gone. That leaves a …

Graham McMillan
How an AI meltdown could reset enterprise expectations

In this Help Net Security interview, Graham McMillan, CTO at Redgate Software, discusses AI, security, and the future of enterprise oversight. He explains why past incidents …

aircraft cabin
Aircraft cabin IoT leaves vendor and passenger data exposed

The expansion of IoT devices in shared, multi-vendor environments, such as aircraft cabins, has created tension between the benefits of data collaboration and the risks to …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools