Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
dark web
Gemini picks up criminal activity buried in dark web noise

To help teams make faster and more accurate decisions on emerging threats, Google has introduced a dark web intelligence capability in Google Threat Intelligence. Powered by …

supply chain
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in …

Microsoft Entra ID
Microsoft hands Entra ID users new option for MFA

Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, …

Anthropic
Anthropic trims action approval loop, lets Claude Code make the call

Auto mode is a new permissions feature in the Claude Code system that allows the AI to make approval decisions on a user’s behalf while safeguards review actions before …

Google
Google’s TurboQuant cuts AI memory use without losing accuracy

Large language models carry a persistent scaling problem. As context windows grow, the memory required to store key-value (KV) caches expands proportionally, consuming GPU …

AI
Training an AI agent to attack LLM applications like a real adversary

Most enterprise software development teams now ship AI-powered applications faster than traditional penetration testing can keep up with. A security team with 500 applications …

breach
You don’t have to choose between BAS or automated pentesting, you shouldn’t

There’s a debate making the rounds in security circles that sounds reasonable on the surface but falls apart under operational scrutiny: Which is better, breach and attack …

phishing simulations
Why your phishing simulations aren’t building a security culture

Security culture isn’t built by phishing simulations. In this Help Net Security video, Dan Potter, VP of Cyber Resilience at Immersive, argues that annual training …

downtime
Your security stack looks fine from the dashboard and that’s the problem

One in five enterprise endpoints is operating outside a protected and enforceable state on any given day, according to device telemetry collected across tens of millions of …

Kali Linux 2026.1
Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18

Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, …

USA
Uncle Sam closes the door on all new foreign-made routers

The US Federal Communications Commission (FCC) has imposed a ban on all new routers manufactured overseas being imported into and sold within the United States.

AI
The AI safety conversation is focused on the wrong layer

Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools