Microsoft ends desktop detour for sensitivity labels in Office web apps
Microsoft is rolling out an update to Office for the web that removes a long-standing limitation around document protection, adding new control to browser-based apps. …
OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support
OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for …
Testing reveals Claude Mythos’s offensive capabilities and limits
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …
W3LL phishing service sold for $500 dismantled by the FBI
The W3LL phishing kit, a cybercrime tool used to impersonate legitimate login pages and steal usernames and passwords, has been dismantled by the FBI and Indonesian law …
DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend
Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert …
Basic-Fit hack compromises data of up to 1 million members
Basic-Fit, a European gym chain, disclosed that hackers breached one of its internal systems, exposing members’ personal data in several countries. The company operates more …
Booking.com data breach: Customer reservation data exposed
“Unauthorized third parties may have been able to access certain booking information associated with your reservation,” email alerts sent out by Booking.com over …
Google to penalize sites that hijack the back button
Google is broadening its spam policies to crack down on “back button hijacking,” a deceptive practice where websites interfere with browser navigation, blocking …
AI adoption is outpacing the safeguards around it
AI is becoming part of professional and private life, reaching mainstream adoption faster than the personal computer or the internet. These systems are tested in reasoning, …
Agentic AI memory attacks spread across sessions and users, and most organizations aren’t ready
In this Help Net Security interview, Idan Habler, AI Security Researcher at Cisco, breaks down a threat most security teams haven’t named yet: agentic memory as an …
Review: The Psychology of Information Security
Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it …
29 million leaked secrets in 2025: Why AI agents credentials are out of control
AI agents need credentials to work. They authenticate with LLM platforms, connect to databases, call SaaS APIs, access cloud resources, and orchestrate across dozens of …
Featured news
Resources
Don't miss
- Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)
- Accenture acknowledges security incident following 35GB data theft claim
- Orbia CISO Miranda Ritchie on building security into sustainable infrastructure
- 20 open-source cybersecurity tools to keep your team ready for anything
- macOS is becoming a proving ground for AI agents