March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI …
Backup strategies are working, and ransomware gangs are responding with data theft
Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than …
Why phishing still works today
In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines …
Western governments lay the groundwork for secure 6G networks
Governments are preparing for 6G, the next generation of mobile networks, placing security and resilience among their top priorities. In response, seven countries …
What happens when AI teams compete against human hackers
A cybersecurity competition produced what may be the largest controlled dataset comparing AI-augmented teams to human-only teams on professional-grade offensive security …
New infosec products of the week: March 6, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Beazley Security, Push Security, Samsung, and Tufin. Samsung brings Digital Home Key …
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The …
That attractive online ad might be a malware trap
Malware increasingly travels through the infrastructure that delivers online advertising. The Media Trust’s Global Report on Digital Trust, Ad Integrity, and the Protection of …
FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)
A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially …
Google changes Play Store policies after settling Epic Games dispute
Google is making changes to the Play Store after settling its legal fight with Epic Games, focusing on three areas: more billing options, lower fees with new programs for …
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase, an open-web cybercrime forum facilitating the trade of leaked databases and “stealer logs” containing stolen credentials, has been taken down in an international law …
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Tycoon 2FA, a phishing-as-a-service platform that allowed cybercriminals to bypass MFA and break into online accounts, has been disrupted by law enforcement agencies and …