EU cybersecurity standards are at risk if supplier ban passes
Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s …
Command integrity breaks in the LLM routing layer
Systems that rely on LLM agents often send requests through intermediary routing services before reaching a model. These routers connect to different providers through a …
Product showcase: Ente Auth encrypts, backs up, and syncs 2FA
Two-factor authentication (2FA) is an essential layer of protection for online accounts, and Ente Auth makes it easier to manage securely across devices. Ente Auth is a free, …
Wi-Fi roaming security practices for access network providers and identity providers
Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their …
European AI spending set to hit $290 billion by 2029
European enterprises are committing serious money to AI, and the numbers are accelerating. According to IDC’s Worldwide AI and Generative AI Spending Guide, AI spending …
Windows is getting stronger RDP file protections to fight phishing attacks
Microsoft has introduced new Windows protections starting with the April 2026 security update to reduce phishing attacks that abuse Remote Desktop (.rdp) files. With these …
Webinar: The IT Leader’s Guide to AI Governance
Generative AI is moving from experimentation to everyday enterprise use, often faster than governance models were designed to support. As adoption accelerates, organizations …
Raspberry Pi OS 6.2 disables passwordless sudo by default
Raspberry Pi OS 6.2, based on the Trixie version, introduces small changes, bug fixes, and disables passwordless sudo by default for new installations. Screenshot of password …
What changed in nginx 1.30.0 and what it means for your upstream config
nginx 1.30.0 brings together features accumulated across the 1.29.x mainline series. The release covers a broad range of changes, from protocol support additions to …
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers
Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to …
The exploit gap is closing, and your patch cycle wasn’t built for this
The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …
Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time
In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what …
Featured news
Resources
Don't miss
- Companies keep getting breached by vulnerabilities they already knew about
- GPT-Red beat human red teamers on a prompt injection test
- Threat actor impersonated hundreds of brands on GitHub to push infostealer malware
- AI-driven bug hunting fuels record Microsoft Patch Tuesday
- SingGuard-NSFA: Open-source guardrails for agentic AI