Vet: Open-source software supply chain security tool
Vet is an open source tool designed to help developers and security engineers spot risks in their software supply chains. It goes beyond traditional software composition …
Bankers Association’s attack on cybersecurity transparency
A coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made …
Development vs. security: The friction threatening your code
Developers are driven to deliver new features quickly, while security teams prioritize risk mitigation, which often puts the two at odds. 61% of developers said that it’s …
Cybersecurity jobs available right now: June 3, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO Halan Microfinance Bank | Pakistan | On-site …
Attackers breached ConnectWise, compromised customer ScreenConnect instances
A suspected “sophisticated nation state actor” has compromised ScreenConnect cloud instances of a “very small number” of ConnectWise customers, the …
Product showcase: Smarter pentest reporting and exposure management with PlexTrac
The threat landscape is evolving faster than ever. Staying ahead means going beyond automated scans and check-the-box assessments. It demands continuous, hands-on testing …
CISO 3.0: Leading AI governance and security in the boardroom
In this Help Net Security interview, Aaron McCray, Field CISO at CDW, discusses how AI is transforming the CISO role from a tactical cybersecurity guardian into a strategic …
Review: Metasploit, 2nd Edition
If you’ve spent any time in penetration testing, chances are you’ve crossed paths with Metasploit. The second edition of Metasploit tries to bring the book in line with how …
Security awareness training isn’t stopping breaches. Can AI help?
In this Help Net Security video, Mick Leach, Field CISO at Abnormal AI, explores why security awareness training (SAT) is failing to reduce human error, the top cause of …
48% of security pros are falling behind compliance requirements
32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are …
Week in review: NIST proposes new vulnerabilities metric, flaws in NASA’s open source software
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerabilities found in NASA’s open source software Vulnerabilities in open …
Why privacy in blockchain must start with open source
Traditionally, trust came from centralized institutions. Banks, payment networks, and clearinghouses are closed systems. Users cannot see the inner workings, but they rely on …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)