Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
SonicWall
SonicWall SMA appliances targeted in zero-day attacks (CVE-2026-15409, CVE-2026-15410)

SonicWall has fixed two actively exploited vulnerabilities (CVE-2026-15409, CVE-2026-15410) affecting its Secure Mobile Access (SMA) 1000 Series appliances, and is urging …

danger
New macOS malware steals passwords by posing as Apple’s crash-reporting tool

Jamf Threat Labs has uncovered a new macOS infostealer named CrashStealer that disguises itself as Apple’s crash-reporting tool to steal passwords, Keychain data, and …

Tines The ultimate guide to network operations management
Download: The ultimate guide to network operations management

Modern network operations are too manual. Today’s IT and security teams are managing growing complexity across networks, infrastructure, tools, and workflows. The result? …

bomb
“Context bombs” can frustrate AI-driven attacks, researchers found

A new approach tried out by Tracebit researchers has proven very effective at stopping AI agents from fully compromising targeted environments. What makes it notable …

Google Workspace
Google adds FIDO2 keys and phone passkeys to Windows login via GCPW

Google has started rolling out FIDO2-compliant physical security key support as a second factor for authentication in Google Credential Provider for Windows (GCPW) to all …

open vault
No one knows how many old shims can still bypass UEFI Secure Boot

The vast majority of UEFI computers carry a Microsoft certificate that will trust a small first-stage loader called a shim, a program Microsoft signs so that Linux and …

fraud
UK charges five persons linked to fraud platform behind more than a million scam calls

Five people have been charged in the UK following a National Crime Agency (NCA) investigation into Russian Coms, a caller ID spoofing service used by fraudsters. Ayoub …

Microsoft Entra ID
Microsoft Entra ID authentication overhaul to start in September 2026

Microsoft will begin rolling out passkeys as the default authentication experience for Microsoft Entra ID in the public cloud on September 1, 2026. Organizations with SMS or …

cyber threat
New tutorials on underground hacking forums have roughly doubled

Underground hacking forums are producing more original tutorials again, with growing attention on financial fraud, particularly the theft and fraudulent use of payment card …

digital code
The best defense against AI attacks turns out to be a skeptical human

Analysts across the security industry now run generative AI through their daily work, from log triage to incident write-ups. Active use in cybersecurity strategy reached 78% …

smart home
Fake smart home residents could stand in for real ones in security research

Smart home security research runs on a scarce ingredient: recordings of how real people use the gadgets in their homes. Getting that data means wiring up someone’s house …

ID
Your vendor’s vendor might be the real breach risk

In this Help Net Security video, Chris Boehm, Field CTO, Zero Networks, breaks down how a vendor breach can become your breach. He explains that attackers now target the …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools