Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
malicious package
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software …

CISA
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2026-33017, a recently …

sport
Ajax data breach exposed season tickets, supporter bans open to tampering

AFC Ajax, the Dutch football club from Amsterdam, disclosed that an unknown hacker gained access to parts of its IT systems and obtained the email addresses of a few hundred …

leaked secrets
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure

Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded …

OpenAI
Make OpenAI’s models misbehave and earn a reward

OpenAI’s public Safety Bug Bounty program focuses on AI abuse and safety risks across its products. The goal is to support safe and secure systems and reduce the risk of …

RSAC 2026 solutions
Top product launches at RSAC 2026

RSAC 2026 showcased a wave of innovation, with vendors unveiling technologies poised to redefine cybersecurity. From AI-powered defense to breakthroughs in identity …

Tails
Tails 7.6 ships automatic Tor bridge retrieval and a new password manager

Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant can now detect …

cybercrime
Second RedLine infostealer operator ends up in US custody

Hambardzum Minasyan, an Armenian man extradited to the United States, is accused of conspiring with others to develop and operate the RedLine infostealer malware used to steal …

Linux malware
Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks

Telecommunications providers around the world have been dealing with the burrowing efforts of the China-linked APTs for many years now. To help them identify hard-to-detect …

GitHub
GitHub jumps on the bandwagon and will use your data to train AI

GitHub updated how it uses data to improve AI-powered coding assistance. Starting April 24, interaction data from Copilot Free, Pro, and Pro+ users may be used to train and …

US Department of Justice
Mission to smuggle $170 million worth of AI tech to China collapsed for three men

Three individuals, Stanley Yi Zheng, Matthew Kelly, and Tommy Shad English, have been charged with conspiracy to commit smuggling and export control violations after allegedly …

reddit
Reddit declares war on bad bot activity

Reddit is introducing changes to support interactions between people. The company is taking a bottom-up approach to help users understand when they are engaging with another …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools