93% of security leaders have increased SaaS security budgets
58% of the organizations were affected by a SaaS security incident in the last 18 months, according to Valence Security’s 2024 State of SaaS Security Report. Likely, as a …
New infosec products of the week: May 3, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Cybersixgill, Proofpoint, Secure Code Warrior, Snyk, and Synopsys. …
New SOHO router malware aims for cloud accounts, internal company resources
Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, …
Dropbox says attackers accessed customer and MFA info, API keys
File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. …
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element
The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon’s 2024 …
Securing your organization’s supply chain: Reducing the risks of third parties
When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten …
Understanding emerging AI and data privacy regulations
In this Help Net Security interview, Sophie Stalla-Bourdillon, Senior Privacy Counsel & Legal Engineer at Immuta, discusses the AI Act, the Data Act, and the Health Data …
reNgine: Open-source automated reconnaissance framework for web applications
reNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. Developing reNgine …
Women rising in cybersecurity roles, but roadblocks remain
The ISC2 study on women in cybersecurity, a comprehensive research effort that collected responses from 2,400 women, has revealed several significant findings. These include …
AI-driven phishing attacks deceive even the most aware users
Vishing and deepfake phishing attacks are on the rise as attackers leverage GenAI to amplify social engineering tactics, according to Zscaler. AI automates and personalizes …
Why cloud vulnerabilities need CVEs
When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk …
Making cybersecurity more appealing to women, closing the skills gap
In this Help Net Security interview, Charly Davis, CCO at Sapphire, provides insights into the current challenges and barriers women face in the cybersecurity industry. Davis …
Featured news
Resources
Don't miss
- When confusion becomes a weapon: How cybercriminals exploit economic turmoil
- SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
- The legal blind spot of shadow IT
- Email authentication simplified: How PowerDMARC makes DMARC effortless