AI voice hijacking: How well can you trust your ears?
How sure are you that you can recognize an AI-cloned voice? If you think you’re completely certain, you might be wrong. Why it’s a growing threat With only three seconds …
Cybersecurity jobs available right now: May 20, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. CISO Vault Cloud | Australia | Hybrid – No …
CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide
A phishing operation that targets corporate banking accounts across the globe has been analyzed in a new report by CTM360. The campaign uses fake Google ads, advanced …
Malicious RVTools installer found on official site, researcher warns
The official site for RVTools has apparently been hacked to serve a compromised installer for the popular utility, a security researcher has warned. It’s difficult to …
AI hallucinations and their risk to cybersecurity operations
AI systems can sometimes produce outputs that are incorrect or misleading, a phenomenon known as hallucinations. These errors can range from minor inaccuracies to …
Why EU encryption policy needs technical and civil society input
In this Help Net Security interview, Bart Preneel, Full Professor at University of Leuven, unpacks the European Commission’s encryption agenda, urging a balanced, technically …
Hanko: Open-source authentication and user management
Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their …
Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel
In this Help Net Security video, Adam Pennington, MITRE ATT&CK Lead, breaks down what’s new in the ATT&CK v17 release. He highlights the addition of the ESXi …
Week in review: Microsoft patches 5 actively exploited 0-days, recently fixed Chrome vulnerability exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patch Tuesday: Microsoft fixes 5 actively exploited zero-days On May 2025 …
CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known …
Deepfake attacks could cost you more than money
In this Help Net Security interview, Camellia Chan, CEO at X-PHY, discusses the dangers of deepfakes in real-world incidents, including their use in financial fraud and …
Polymorphic phishing attacks flood inboxes
AI is transforming the phishing threat landscape at a pace many security teams are struggling to match, according to Cofense. In 2024, researchers tracked one malicious email …
Featured news
Resources
Don't miss
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
- FAPI 2.0: How the OpenID Foundation is enabling scalable interoperability in global healthcare
- pqcscan: Open-source post-quantum cryptography scanner
- Bitdefender PHASR: Proactive hardening demo overview
- Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)