Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
cloud
Attackers target retailers’ gift card systems using cloud-only techniques

A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this …

OAuth
Attackers turn trusted OAuth apps into cloud backdoors

Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain …

Dean H. Saxe
Life, death, and online identity: What happens to your online accounts after death?

The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital …

OpenFGA
OpenFGA: The open-source engine redefining access control

OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers …

blind users passwords
For blind people, staying safe online means working around the tools designed to help

Blind and low-vision users face the same password challenges as everyone else, but the tools meant to make security easier often end up getting in the way. A study from the …

DevOps
3 DevOps security pitfalls and how to stay ahead of them

In this Help Net Security video, Dustin Kirkland, SVP of Engineering at Chainguard, explores three of the most pressing DevOps security issues engineers encounter: unpatched …

AI threats
Companies want the benefits of AI without the cyber blowback

51% of European IT and cybersecurity professionals said they expect AI-driven cyber threats and deepfakes to keep them up at night in 2026, according to ISACA. AI takes centre …

Google
Google introduces agentic threat intelligence for faster, conversational threat analysis

Security teams spend much of their day pulling data from reports, forums, and feeds, trying to connect clues across multiple sources. Google says that work can now happen …

Microsoft Windows
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and …

Xubuntu
Official Xubuntu website compromised to serve malware

The official website for Xubuntu, a community-maintained “flavour” of Ubuntu that ships with the Xfce desktop environment, has been compromised to serve Windows …

Agentic AI
Agentic AI security: Building the next generation of access controls

As artificial intelligence (AI) solutions continue to evolve, the rise of agentic AI—intelligent systems that can act autonomously on behalf of an organization—presents new …

Ken Deitz
When everything’s connected, everything’s at risk

In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to include IoT, OT, and broader …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools