Heisenberg: Open-source software supply chain health check tool
Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), …
Securing real-time payments without slowing them down
In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, …
Employees keep finding new ways around company access controls
AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, …
Europe’s phone networks are drowning in fake calls
Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities now drive much …
Week in review: WSUS vulnerability exploited to drop Skuld infostealer, PoC for BIND 9 DNS flaw published
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on it Biometric …
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues …
CISA and partners take action as Microsoft Exchange security risks mount
In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined …
Shadow AI: New ideas emerge to tackle an old problem in new form
Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 …
AI chatbots are sliding toward a privacy crisis
AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. …
You can’t audit how AI thinks, but you can audit what it does
In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and …
Passwordless adoption moves from hype to habit
With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, …
The secret to audit success? Think like your auditor
In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for …
Featured news
Resources
Don't miss
- Browser-in-the-Browser phishing is on the rise: Here’s how to spot it
- Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains
- Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience
- Turning cyber metrics into decisions leaders can act on
- Teaching cybersecurity by letting students break things