Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

Anubis
Anubis: Open-source web AI firewall to protect from scraper bots

Anubis is an open-source tool designed to protect websites from automated scraping and abusive traffic by adding computational friction before a request is served. Maintained …

internet
Session tokens give attackers a shortcut around MFA

In this Help Net Security video, Simon Wijckmans, CEO at cside, discusses why session token theft is rising and why security teams miss it. He walks through how web …

smart speaker
NIST issues guidance on securing smart speakers

Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal …

cybersecurity week in review
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way …

Naor Penso
AI isn’t one system, and your threat model shouldn’t be either

In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a single risk. He discusses …

AI
LLMs work better together in smart contract audits

Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …

Nakivo
Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management

NAKIVO Backup & Replication v11.1 brings a host of benefits to MSPs and their clients. It eliminates the need for client-side port configuration, enhances security with …

identity fraud
Identity risk is changing faster than most security teams expect

Security leaders are starting to see a shift in digital identity risk. Fraud activity is becoming coordinated, automated, and self-improving. Synthetic personas, credential …

Infosec products of the week
New infosec products of the week: December 19, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Apiiro, Astra Security, Push Security, Trellix, and XM Cyber. Apiiro unveils AI SAST …

crypto scams
Crypto theft in 2025: North Korean hackers continue to dominate

When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new …

phishing
Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group …

Microsoft 365 phishing
Microsoft 365 users targeted in device code phishing attacks

Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools