Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Palo Alto Networks
Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300)

A critical vulnerability (CVE-2026-0300) affecting Palo Alto Networks firewalls is being actively exploited by attackers, the security company acknowledged today, and urged …

map
Chrome on Android can now hide your exact location from websites

Google is improving location privacy features that give users more control over sharing their location. On Chrome for Android, users can now choose to share their approximate …

AIMap
AIMap: Open-source tool finds and tests exposed AI endpoints

Public-facing Ollama servers, MCP endpoints, and inference proxies have multiplied across the internet over the past year, often deployed without authentication or rate …

LinkedIn
LinkedIn job scams push most pros to verify roles before applying

Questioning whether a job posting is genuine has become part of the application routine for most professionals. 72% stop to consider the legitimacy of a role at least …

Android verification
Google expands Android Binary Transparency to counter supply chain attacks

Supply chain attacks on mobile software have grown alongside the expanding role of phones in daily life, from payments to government IDs to AI features. Google is responding …

security operations
Cutting the cost of SIEM rule conversion

You inherit two thousand detection rules from an acquisition. They are written for a platform your company does not use. Your senior detection engineer estimates six months to …

AWS Rex
AWS open sources Trusted Remote Execution to control what AI agents touch

Production scripts that read a log file generally hold the same permissions as scripts that delete one. The execution context decides what gets touched, and that gap widens …

smartphone
Phishing can masquerade as emergency alerts for disasters, researchers warn

Emergency alerts for disasters like earthquakes and tsunamis are messages we hope we never see, and we trust them when they arrive. Researchers have shown that this trust can …

identity
Meta’s AI will scan height and bone structure to detect under-13 users

Meta is deploying AI that scans photos and videos for physical cues to assess whether a user is under 13 on Instagram and Facebook. Teen Account on Instagram (Source: Meta) …

Ollama
Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say

Researchers at Striga have disclosed two vulnerabilities (CVE-2026-42248, CVE-2026-42249) in Ollama’s Windows auto-updater that, when chained together, may allow an …

software bug
Google to pay up to $1.5 million for zero-click Pixel Titan M exploits

Google has revised its Android and Chrome Vulnerability Reward Programs (VRPs), which pay security researchers to report vulnerabilities in Android, Google hardware, and the …

CIS AWS AI workloads
Download: Secure Foundations for AI Workloads on AWS

Center for Internet Security helps organizations deploy AI and high-performance compute environments from a trusted, hardened operating system baseline. CIS Hardened Images …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools