Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

X
More than half of public vulnerabilities bypass leading WAFs

Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as …

hand
Group Policy abuse reveals China-aligned espionage group targeting governments

ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim …

Øystein Thorvaldsen
The soft underbelly of space isn’t in orbit, it’s on the ground

In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why …

eyes
Privacy risks sit inside the ads that fill your social media feed

Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads appear based on users’ private …

Brain
Should AI access be treated as a civil right across generations?

AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that …

books
What cybersecurity leaders are reading to stay ahead

If you’re looking for holiday gift ideas, books remain one of the simplest ways to spark curiosity and support someone’s growth. Whether the person on your list is exploring …

door
Cisco email security appliances rooted and backdoored via still unpatched zero-day

A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November …

SonicWall SMA 1000
Exploited SonicWall zero-day patched (CVE-2025-40602)

SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the …

Fortinet
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved …

AI
Why vulnerability reports stall inside shared hosting companies

Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what …

financial crime
Banks built rules for yesterday’s crime and RegTech is trying to fix that

Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with …

Zabbix
Zabbix: Open-source IT and OT observability solution

Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools