Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

employees
Global hiring risks: What you need to know about identity fraud and screening trends

Hiring new employees has always carried some risk, but that risk is growing in new ways, and identity fraud is becoming more common in the hiring process. HireRight’s 2025 …

wireless router
Many networking devices are still vulnerable to pixie dust attack

Despite having been discovered and reported in 2014, the vulnerability that allows pixie dust attacks still impacts consumer and SOHO networking equipment around the world, …

Microsoft 365 phishing
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader

Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court …

ICS threats
How a fake ICS network can reveal real cyberattacks

Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial …

Marco Goldberg
Creating a compliance strategy that works across borders

In this Help Net Security interview, Marco Goldberg, Managing Director at EQS Group, discusses how compliance and regulation are evolving worldwide. He talks about how …

Rayhunter
Rayhunter: EFF releases open-source tool to detect cellular spying

The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI …

Bot
Bots vs. humans? Why intent is the game-changer

In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity …

Biohazard
Old file types, new tricks: Attackers turn everyday files into weapons

Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest …

npm
Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack

A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The …

magnify
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents

All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira …

GitHub
GitHub adds post-quantum protection for SSH access

GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. …

Nir Rothenberg
Building security that protects customers, not just auditors

In this Help Net Security interview, Nir Rothenberg, CISO at Rapyd, discusses global differences in payment security maturity and the lessons that can be learned from leading …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools