Law enforcement takes down proxy botnets used by criminals
US and Dutch law enforcement, with the help of Lumen Technologies researchers, have disrupted 5socks and Anyproxy, two proxy-for-rent services that were used by criminals for …
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, …
Bluetooth 6.1 released, enhances privacy and power efficiency
The Bluetooth Special Interest Group has released Bluetooth 6.1, and one of the most important new features is an update to how devices manage privacy and power. The update, …
Why security teams cannot rely solely on AI guardrails
In this Help Net Security interview, Dr. Peter Garraghan, CEO of Mindgard, discusses their research around vulnerabilities in the guardrails used to protect large AI models. …
How to give better cybersecurity presentations (without sounding like a robot)
Most people think great presenters are born with natural talent. Luka Krejci, a presentation expert, disagrees. “They are called presentation skills. Skills, not …
SPIRE: Toolchain of APIs for establishing trust between software systems
SPIRE is a graduated project of the Cloud Native Computing Foundation (CNCF). It’s a production-ready implementation of the SPIFFE APIs that handles node and workload …
Layoffs pose a cybersecurity risk: Here’s why offboarding matters
In this Help Net Security video, Chase Doelling, Principal Strategist at JumpCloud, discusses the overlooked security risks associated with improper offboarding. Though many …
Despite drop in cyber claims, BEC keeps going strong
Ransomware claims stabilized in 2024 despite remaining the most costly and disruptive type of cyberattack, according to Coalition. 60% of 2024 claims originated from BEC and …
Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What a future without CVEs means for cyber defense For many cybersecurity …
Fake AI platforms deliver malware diguised as video content
A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an …
LockBit hacked: What does the leaked data show?
The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing …
What your browser knows about you, from contacts to card numbers
Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. They also collect the most data. Chrome: …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)