AI vs. you: Who’s better at permission decisions?
A single tap on a permission prompt can decide how far an app reaches into a user’s personal data. Most of these calls happen during installation. The number of prompts keeps …
The quantum clock is ticking and businesses are still stuck in prep mode
Quantum computing is still years away from breaking current encryption, but many security teams are already worried about what happens when that moment arrives. A new report …
Massive gambling network doubles as hidden C2 and anonymity infrastructure, researchers say
A sprawling network that’s seemingly maintained to serve (illegal) online gambling opportunities and deliver malware to Indonesian citizens is likely also being used to …
Global law enforcement actions put pressure on cybercrime networks
In 2025, law enforcement agencies disrupted the infrastructure and operations of established cybercriminal groups. These groups shift across borders, and the agencies pursuing …
Portmaster: Open-source application firewall
Portmaster is a free and open source application firewall built to monitor and control network activity on Windows and Linux. The project is developed in the EU and is …
CISOs are questioning what a crisis framework should look like
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent …
Threat intelligence programs are broken, here is how to fix them
Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear …
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted …
How a noisy ransomware intrusion exposed a long-term espionage foothold
Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the …
MuddyWater cyber campaign adds new backdoors in latest wave of attacks
ESET researchers say an Iran aligned threat group is refining its playbook again, and the latest activity shows how much its tactics have shifted. MuddyWater is a long running …
Creative cybersecurity strategies for resource-constrained institutions
In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and …
Product showcase: UserLock IAM for Active Directory
UserLock brings modern identity and access management (IAM) to Active Directory, adding granular multi-factor authentication (MFA), contextual access controls, single sign-on …
Featured news
Resources
Don't miss
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades