Fake npm 2FA reset email led to compromise of popular code packages
Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account. …
Download: Cyber defense guide for the financial sector
Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s …
Signal adds secure backup option for chat history
Losing a phone can mean losing years of conversations. Signal is rolling out a new secure backup feature to help users keep their messages safe without giving up privacy. The …
Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal
Nearly 500 scientists and researchers have signed an open letter warning that the latest version of the EU’s Chat Control Proposal would weaken digital security while failing …
Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers
Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We …
Connected cars are racing ahead, but security is stuck in neutral
Connected cars are already on Europe’s roads, loaded with software, sensors, and constant data connections. Drivers love the features these vehicles bring, from remote apps to …
Attackers test the limits of railway cybersecurity
Railway systems are the lifeblood of many economies, supporting everything from daily passenger transport to military and industrial operations, so the question arises: how …
Employees keep feeding AI tools secrets they can’t take back
Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are …
Are we headed for an AI culture war?
In this Help Net Security video, Matt Fangman, Field CTO at SailPoint, discusses whether an AI culture war is inevitable. He explores the rise of AI agents as a new identity …
Cybersecurity jobs available right now: September 9, 2025
Analyst, Cybersecurity DFIR ICE | Singapore | On-site – No longer accepting applications As an Analyst, Cybersecurity DFIR, you will review and triage user-reported …
Salesloft Drift data breach: Investigation reveals how attackers got in
The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain …
Linux Kernel Runtime Guard hits 1.0.0 with major updates and broader support
The Linux Kernel Runtime Guard (LKRG) is a kernel module that checks the Linux kernel while it’s running. It looks for signs of tampering and tries to catch attempts to …
Featured news
Resources
Don't miss
- OPNsense 26.1 brings updates to open-source firewall management
- WinRAR vulnerability still a go-to tool for hackers, Mandiant warns
- CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
- Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
- Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)