Please turn on your JavaScript for this page to function normally.
The future of authentication: Why passwordless is the way forward

By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex …

network
Browser extensions make nearly every employee a potential attack vector

Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have …

Hertz
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected

American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach …

Nagios Log Server
Critical flaws fixed in Nagios Log Server

The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The …

certificates
Why shorter SSL/TLS certificate lifespans matter

Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve …

Sandy Kronenberg
Cybercriminal groups embrace corporate structures to scale, sustain operations

In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale …

software
94% of firms say pentesting is essential, but few are doing it right

Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix …

work
Chief Legal Officers step up in cybersecurity oversight

In this Help Net Security video, Jennifer Chen, Executive Director of the Association of Corporate Counsel (ACC) Foundation, discusses how globally, Chief Legal Officers …

cybersecurity jobs
Cybersecurity jobs available right now: April 15, 2025

Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO Department of Justice | Australia | On-site …

malicious package
Package hallucination: LLMs may deliver malicious code to careless devs

LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed …

AI threats
The quiet data breach hiding in AI workflows

As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use …

Tirreno
Tirreno: Open-source fraud prevention platform

Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools