Apple privacy labels often don’t match what Chinese smart home apps do
Smart home devices in many homes collect audio, video, and location data. The apps that control those devices often focus on the account owner, even when the technology also …
In GitHub’s advisory pipeline, some advisories move faster than others
GitHub Security Advisories are used to distribute vulnerability information in open-source projects and security tools. A new study finds that only a portion of those …
Don’t panic over CISA’s KEV list, use it smarter
In this Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains what CISA’s Known Exploited Vulnerabilities (KEV) Catalog is and how security …
MOS: Open-source modular OS for servers and homelabs
A growing number of homelab builders and small server operators are testing an open source operating system that combines basic server management, storage control, and …
Week in review: Exploited newly patched BeyondTrust RCE, United Airlines CISO on building resilience
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: United Airlines CISO on building resilience when disruption is inevitable In …
Bitcoin trading firm CEO gets 20 years for operating $200 million Ponzi scheme
The U.S. Department of Justice sentenced the CEO of a multi-level marketing and bitcoin trading firm to 20 years in prison after a conviction for wire fraud and money …
Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)
Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. …
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with …
Police arrests distributor of JokerOTP password-stealing bot
The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have …
OpenAI released GPT-5.3-Codex-Spark, a real-time coding model
OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions …
Why secure OT protocols still struggle to catch on
Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many …
Ubuntu 24.04.4 LTS arrives with cumulative security and bug fixes
Security teams running Ubuntu in production often delay major OS upgrades until the next point release arrives with accumulated patches and newer hardware support. Ubuntu …
Featured news
Resources
Don't miss
- Open-source benchmark EVMbench tests how well AI agents handle smart contract exploits
- Public mobile networks are being weaponized for combat drone operations
- Attackers keep finding the same gaps in security programs
- China-linked hackers exploited Dell zero-day since 2024 (CVE-2026-22769)
- The era of the Digital Parasite: Why stealth has replaced ransomware