Most dark web activity revolves around a handful of topics
Dark web activity often becomes visible during marketplace seizures, major data leaks, or sudden spikes in criminal activity. Those events can create an impression of an …
AI red teaming agents change how LLMs get tested
Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton …
Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and …
Cyber threats push SMBs to spend more on security
Cybersecurity has become a key priority for small and medium-sized businesses due to growing threats and wider AI adoption. An IDC survey of 2,200 SMBs in eight markets …
Webworm APT targets European government organizations with new backdoors
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, the group initially …
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach …
FBI: $388 million lost in crypto ATM scams in 2026
Americans lost more than $388 million to crypto kiosk scams in 2025, with the FBI warning that criminals are increasingly directing victims to transfer funds through these …
TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed …
Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the …
Communicating cyber risk in dollars boards understand
In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of …
CVE Lite CLI: Open-source dependency vulnerability scanner
Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration …
When your AI assistant has the keys to production
Large language models in operational roles query telemetry, propose configuration changes, and in some deployments execute those changes against live infrastructure. Ticket …
Featured news
Resources
Don't miss
- This AI model backdoor attack stays hidden until you customize the model
- Windows Netlogon RCE exploited, domain controllers at risk (CVE-2026-41089)
- How NIST fumbled management of the National Vulnerability Database
- Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)
- NVIDIA goes open source with a big batch of physical AI agent tools