Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

Storyblok The IT Leader’s Guide to AI Governance webinar
Webinar: The IT Leader’s Guide to AI Governance

Generative AI is moving from experimentation to everyday enterprise use, often faster than governance models were designed to support. As adoption accelerates, organizations …

access
Raspberry Pi OS 6.2 disables passwordless sudo by default

Raspberry Pi OS 6.2, based on the Trixie version, introduces small changes, bug fixes, and disables passwordless sudo by default for new installations. Screenshot of password …

NGINX
What changed in nginx 1.30.0 and what it means for your upstream config

nginx 1.30.0 brings together features accumulated across the 1.29.x mainline series. The release covers a broad range of changes, from protocol support additions to …

OpenAI
OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers

Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to …

CISO
The exploit gap is closing, and your patch cycle wasn’t built for this

The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working …

Nuno Rodrigues Carvalho
Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what …

Legitify
Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab

Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put …

Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian

AI coding assistants are quickly becoming part of everyday development. Tools like Cursor, Claude Code, and GitHub Copilot can now do more than suggest code. They can read …

Data
Network segmentation projects fail in predictable patterns

Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed …

Microsoft Office
Microsoft ends desktop detour for sensitivity labels in Office web apps

Microsoft is rolling out an update to Office for the web that removes a long-standing limitation around document protection, adding new control to browser-based apps. …

OpenSSL
OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support

OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for …

Anthropic
Testing reveals Claude Mythos’s offensive capabilities and limits

Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools