Email breaches are the silent killers of business growth
78% of organizations were hit by an email breach in the past 12 months, according to the Email Security Breach Report 2025 by Barracuda. Phishing, impersonation, and account …
SUSE Linux Enterprise Server 16 puts AI in the operating system
SUSE has released SUSE Linux Enterprise Server (SLES) 16, calling it AI-ready and built for long-term use. The release marks the first major update in the Enterprise Server …
OpenAI’s gpt-oss-safeguard enables developers to build safer AI
OpenAI is releasing a research preview of gpt-oss-safeguard, a set of open-weight reasoning models for safety classification. The models come in two sizes: …
Sanctions won’t stop cyberattacks, but they can still “bite”
Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a …
Python Foundation rejects US government grant earmarked for security improvements
The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its …
AI agents can leak company data through simple web searches
When a company deploys an AI agent that can search the web and access internal documents, most teams assume the agent is simply working as intended. New research shows how …
Early reporting helps credit unions stop fraudulent transfers faster
In this Help Net Security interview, Carl Scaffidi, CISO at VyStar Credit Union, discusses how credit unions are adapting to an evolving fraud landscape and strengthening …
Product showcase: Syteca – The human-centric insider threat management platform
Most organizations think the greatest danger lurks outside their walls. But statistics keep proving otherwise. According to Verizon’s 2025 Data Breach Investigation …
Scammers target international students by threatening their visa status
In 2025, the U.S. government revoked thousands of visas from international students, often without warning or explanation. According to a newly released study, this opened a …
Proximity: Open-source MCP security scanner
Proximity is a new open-source tool that scans Model Context Protocol (MCP) servers. It identifies the prompts, tools, and resources that a server makes available, and it can …
PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache …
Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver …
Featured news
Resources
Don't miss
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem
- Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18