GitHub’s new tool helps prevent costly open-source license violations
GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and …
The ARToken phishing panel targets Microsoft 365 accounts
Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in …
Claude Sonnet 5 includes safeguards against dangerous cyber use
Anthropic has introduced Claude Sonnet 5, the latest version of its general-purpose AI model, with improved reasoning, coding, tool use, and knowledge work capabilities. The …
What a financial planner taught me about cybersecurity
When I spoke at a recent cybersecurity awareness event for financial planners and tax advisors, the audience really engaged with the subject. As happens at conferences the …
Nika: Open-source code analysis tool
Many serious security bugs in web applications sit across several files at once. Request data enters through a controller, moves through data objects and service layers, and …
This supercomputer encrypts your data even while it’s running it
Most people who handle sensitive data already encrypt it in two places. They lock it down when it sits on a hard drive, and they lock it down when it moves across a network. …
AI-generated code risks reach security, legal, and compliance teams
Most engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found …
Microsoft wants to stop unwanted bots from entering Teams meetings
A new Microsoft Teams admin policy, Manage external bots and their access to meetings, gives organizations greater visibility and control over external bots in meetings. The …
Getting boards to fund ERM means speaking their currency
In this Help Net Security video, Greg Young, VP Cybersecurity and Corporate Development at TrendAI, explains how to build Enterprise Risk Management that a board will pay for. …
Proton’s pitch for Lumo 2.0: Frontier AI without the data grab
Proton has unveiled Lumo 2.0, a major upgrade to its zero-access encrypted AI assistant. Built on a new architecture, the release brings the assistant closer to frontier AI …
Oracle E-Business Suite Payments flaw under attack (CVE-2026-46817)
Exploitation attempts targeting a critical vulnerability (CVE-2026-46817) in Oracle Payments, the payment-processing module within Oracle’s E-Business Suite (EBS), have …
SimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)
Attackers are exploiting CVE-2026-48558, a recently patched authentication bypass vulnerability in SimpleHelp RMM, to drop the novel Djinn Stealer malware on victim computers. …
Featured news
Resources
Don't miss
- Accenture acknowledges security incident following 35GB data theft claim
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
- 20 open-source cybersecurity tools to keep your team ready for anything
- macOS is becoming a proving ground for AI agents
- How to implement a continuous offensive security testing program