Features

Malware ships with bugs that defenders could use against it

Malware ships with bugs that defenders could use against it 2026-06-09 at 08:46 By Anamarija Pogorelec Static analysis tools have spent years scanning legitimate software for security bugs before it goes out the door. The same scanners work on malware, and malware carries a steady supply of its own bugs. Researchers ran four of these […]

Malware ships with bugs that defenders could use against it Read More »

Treating AI agents like service accounts for federated query security

Treating AI agents like service accounts for federated query security 2026-06-09 at 08:46 By Mirko Zorz In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics include layering Starburst’s access controls above native source permissions, tiering vendor risk across more than

Treating AI agents like service accounts for federated query security Read More »

Spotless compliance evidence can still hide a broken control

Spotless compliance evidence can still hide a broken control 2026-06-04 at 09:26 By Mirko Zorz In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC and FedRAMP 20x. The conversation covers how organizations check the 110 requirements but miss

Spotless compliance evidence can still hide a broken control Read More »

Only 11% of production agents pass the AI agent security bar

Only 11% of production agents pass the AI agent security bar 2026-06-03 at 14:00 By Mirko Zorz Enterprise teams are running AI agents that write code, drive browsers, answer customer calls, manage cloud infrastructure, and query data warehouses with standing credentials. A new independent assessment of 100 production agents finds that nearly all of them

Only 11% of production agents pass the AI agent security bar Read More »

Zero trust physical security needs trust decisions at the edge

Zero trust physical security needs trust decisions at the edge 2026-06-02 at 09:09 By Mirko Zorz In this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the

Zero trust physical security needs trust decisions at the edge Read More »

Data discovery gaps that catch enterprises off guard

Data discovery gaps that catch enterprises off guard 2026-06-01 at 11:46 By Mirko Zorz In this interview with Help Net Security, Avani Desai, CEO at Schellman, talks about the gap between what organizations think they know about their data and what discovery scans turn up. She shares stories of shadow data in abandoned cloud storage,

Data discovery gaps that catch enterprises off guard Read More »

EU organizations buckle under rising compliance pressure

EU organizations buckle under rising compliance pressure 2026-06-01 at 08:19 By Sinisa Markovic Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is hard to predict, and organizations must find a way to cope. Antonija Vojnović, Governance,

EU organizations buckle under rising compliance pressure Read More »

The CISO selling confidence in a market full of breach headlines

The CISO selling confidence in a market full of breach headlines 2026-05-28 at 10:16 By Mirko Zorz Engineering teams across enterprise IT are writing their own software with AI coding assistants, spinning up agents that act on their behalf, and assigning those agents the same access privileges their human creators hold. The shift has pulled

The CISO selling confidence in a market full of breach headlines Read More »

Coinflow CISO on crypto payments security under AI pressure

Coinflow CISO on crypto payments security under AI pressure 2026-05-27 at 09:24 By Mirko Zorz Crypto payment firms sit near the top of the target list for advanced persistent threat groups, and the workload on their security leaders keeps growing. Malcolm Portelli, CISO at Coinflow, runs the company’s security program from Malta. Coinflow is headquartered

Coinflow CISO on crypto payments security under AI pressure Read More »

What happens when security teams inherit identity

What happens when security teams inherit identity 2026-05-26 at 13:38 By Sinisa Markovic At the Span Cyber Security Arena conference, I sat down with Eric Woodruff, Chief Identity Architect at Semperis, to talk about how organizations perceive identity and the challenges those perceptions create for security. He shared his perspective on where organizations struggle with

What happens when security teams inherit identity Read More »

Crypto lobby spending on Republicans far outpaces Democratic support

Crypto lobby spending on Republicans far outpaces Democratic support 2026-05-25 at 16:59 By Cointelegraph by Aaron Wood The crypto lobby has spent tens of millions of dollars more on Republican candidates and elections than on Democratic lawmakers. This article is an excerpt from Cointelegraph.com News View Original Source

Crypto lobby spending on Republicans far outpaces Democratic support Read More »

Why AI changed the threat model for travel technology

Why AI changed the threat model for travel technology 2026-05-21 at 09:16 By Mirko Zorz In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology. He discusses why the travel industry’s

Why AI changed the threat model for travel technology Read More »

AI red teaming agents change how LLMs get tested

AI red teaming agents change how LLMs get tested 2026-05-21 at 08:00 By Mirko Zorz Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source

AI red teaming agents change how LLMs get tested Read More »

Communicating cyber risk in dollars boards understand

Communicating cyber risk in dollars boards understand 2026-05-20 at 09:34 By Mirko Zorz In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised. He argues that spending has leaned too heavily on technical controls while neglecting people, processes, and

Communicating cyber risk in dollars boards understand Read More »

Earbud sensors can authenticate users by their heartbeat, study finds

Earbud sensors can authenticate users by their heartbeat, study finds 2026-05-19 at 09:17 By Mirko Zorz Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal. The signal comes from an accelerometer of the kind already sitting inside many wireless earbuds, so

Earbud sensors can authenticate users by their heartbeat, study finds Read More »

The AI backdoor your security stack is not built to see

The AI backdoor your security stack is not built to see 2026-05-18 at 09:42 By Sinisa Markovic Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious tokens, filter unusual characters, watch for prompt injection patterns. New research from

The AI backdoor your security stack is not built to see Read More »

The hidden smart fridge risks that emerge years after purchase

The hidden smart fridge risks that emerge years after purchase 2026-05-12 at 09:28 By Mirko Zorz Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not. A new analysis from Erik Buchmann at Leipzig University maps what happens when those two timelines collide,

The hidden smart fridge risks that emerge years after purchase Read More »

One keypress is all it takes to compromise four AI coding tools

One keypress is all it takes to compromise four AI coding tools 2026-05-08 at 01:14 By Mirko Zorz Developers clone unfamiliar repositories all the time. Open-source projects, work from teammates, sample code from a tutorial, a library someone recommended on a forum. The convention is old and reasonable: you look at what’s inside before you

One keypress is all it takes to compromise four AI coding tools Read More »

The AI criminal mastermind is already hiring on gig platforms

The AI criminal mastermind is already hiring on gig platforms 2026-04-27 at 10:30 By Mirko Zorz Labor-hire platforms let anyone with a credit card post a task and pay a stranger to complete it. The RentAHuman platform extends that model to AI agents through a Model Context Protocol server, allowing an agent to post gigs

The AI criminal mastermind is already hiring on gig platforms Read More »

AI is speeding up nation-state cyber programs

AI is speeding up nation-state cyber programs 2026-04-24 at 08:40 By Mirko Zorz Im this Help Net Security interview, Kaja Ciglic, Senior Director, Cybersecurity Policy and Diplomacy at Microsoft, discusses how nation-state cyber programs have changed over three years. Cyber has become a core instrument of state power, integrated with military, economic, and diplomatic tools.

AI is speeding up nation-state cyber programs Read More »

Scroll to Top