Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

AI
Training an AI agent to attack LLM applications like a real adversary

Most enterprise software development teams now ship AI-powered applications faster than traditional penetration testing can keep up with. A security team with 500 applications …

breach
You don’t have to choose between BAS or automated pentesting, you shouldn’t

There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack …

phishing simulations
Why your phishing simulations aren’t building a security culture

Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training …

downtime
Your security stack looks fine from the dashboard and that’s the problem

One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of …

Kali Linux 2026.1
Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18

Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, …

USA
Uncle Sam closes the door on all new foreign-made routers

The US Federal Communications Commission (FCC) has imposed a ban on all new routers manufactured overseas being imported into and sold within the United States.

AI
The AI safety conversation is focused on the wrong layer

Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that …

Netscaler
Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)

Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active …

prison
Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months

A Russian citizen, Aleksei Volkov, was sentenced to 81 months in prison for helping ransomware groups carry out attacks causing over $9 million in actual losses and over $24 …

vulnerabilities
32% of top-exploited vulnerabilities are over a decade old

Exploitation timelines continued to compress in enterprise environments, with newly disclosed flaws reaching active use almost immediately and older weaknesses remaining …

Microsoft
Microsoft details AI prompt abuse techniques targeting AI assistants

Prompt abuse occurs when crafted inputs manipulate an AI system into producing unintended behavior, such as attempting to access sensitive information or overriding built-in …

NVIDIA Kubernetes
NVIDIA puts GPU orchestration in community hands

GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools