Complexity and AI put identity protection to the test
Identity has become a core pillar of cybersecurity strategy. Remote work, cloud-first adoption, and distributed supply chains have moved identity from “a tactical IT …
What the GitGuardian secrets sprawl report reveals about leaked credentials
In this Help Net Security video, Dwayne McDaniel, Senior Developer Advocate at GitGuardian, presents findings from The State of Secrets Sprawl 2025. McDaniel explains why …
Cybersecurity jobs available right now: September 2, 2025
CISO Shift Technology | France | Remote – No longer accepting applications As a CISO, you will develop and execute a comprehensive enterprise information security …
KillChainGraph: Researchers test machine learning framework for mapping attacker behavior
A team of researchers from Frondeur Labs, DistributedApps.ai, and OWASP has developed a new machine learning framework designed to help defenders anticipate attacker behavior …
AIDEFEND: Free AI defense framework
AIDEFEND (Artificial Intelligence Defense Framework) is an open knowledge base dedicated to AI security, providing defensive countermeasures and best practices to help …
Boards are being told to rethink their role in cybersecurity
Boards of directors are being told that cybersecurity is now central to business resilience and growth, and that they must engage more directly in the way their organizations …
Cybersecurity signals: Connecting controls and incident outcomes
There is constant pressure on security leaders to decide which controls deserve the most attention and budget. A new study offers evidence on which measures are most closely …
GenAI is fueling smarter fraud, but broken teamwork is the real problem
More than 80 percent of large U.S. companies were targeted by socially engineered fraud in the past year, according to Trustmi’s 2025 Socially Engineered Fraud & Risk …
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via …
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in …
New framework aims to outsmart malware evasion tricks
Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer. In a new paper, …
Finding connection and resilience as a CISO
With sensitive information to protect and reputational risk always in the background, it isn’t easy for security leaders to have open conversations about what’s working and …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)