Third-party partners or ticking time bombs?
In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust …
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends
Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using social engineering and legitimate tools to …
Fraud controls don’t guarantee consumer trust
Over a third of companies say they are using AI, including generative AI, to fight fraud, according to Experian. As fraud threats become more complex, companies are …
New infosec products of the week: August 8, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop, LastPass, and Riverbed. Elastic AI SOC …
What GPT‑5 means for IT teams, devs, and the future of AI at work
OpenAI has released GPT‑5, the newest version of its large language model. It’s now available to developers and ChatGPT users, and it brings some real changes to how AI can be …
Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the …
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls
Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. …
Top solutions to watch after Black Hat USA 2025
Black Hat USA 2025 was packed with innovation, with companies showing off tools built to get ahead of what’s coming next. From smarter offensive security to new ways of …
Photos: Black Hat USA 2025
Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, …
Beyond PQC: Building adaptive security programs for the unknown
In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. …
Cybercriminals are getting personal, and it’s working
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or …
AI can write your code, but nearly half of it may be insecure
While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which …
Featured news
Resources
Don't miss
- Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
- Your AI agents are moving sensitive data. Do you know where?
- Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
- NIST updates its DNS security guidance for the first time in over a decade
- Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131)