News

OpenAI’s gpt-oss-safeguard enables developers to build safer AI

cybersecurity, Don't miss, News, OpenAI, software development /

OpenAI’s gpt-oss-safeguard enables developers to build safer AI 2025-10-29 at 19:07 By Sinisa Markovic OpenAI is releasing a research preview of gpt-oss-safeguard, a set of open-weight reasoning models for safety classification. The models come in two sizes: gpt-oss-safeguard-120b and gpt-oss-safeguard-20b. Both are fine-tuned versions of the gpt-oss open models and available under the Apache 2.0 […]

React to this headline:

Loading spinner

OpenAI’s gpt-oss-safeguard enables developers to build safer AI Read More »

Sanctions won’t stop cyberattacks, but they can still “bite”

China, Don't miss, EU, government-backed attacks, Hot stuff, News, North Korea, RUSI, Russian Federation, Sanctions, tips, UK, USA /

Sanctions won’t stop cyberattacks, but they can still “bite” 2025-10-29 at 16:58 By Zeljka Zorz Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and researchers tackled

React to this headline:

Loading spinner

Sanctions won’t stop cyberattacks, but they can still “bite” Read More »

Python Foundation rejects US government grant earmarked for security improvements

Don't miss, funding, Government, Hot stuff, News, open source, Python, Python Software Foundation, security review /

Python Foundation rejects US government grant earmarked for security improvements 2025-10-29 at 14:23 By Zeljka Zorz The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its community, the programming non-profit announced on Monday. “In January 2025, the PSF

React to this headline:

Loading spinner

Python Foundation rejects US government grant earmarked for security improvements Read More »

AI agents can leak company data through simple web searches

agentic AI, Artificial Intelligence, cybersecurity, Data leak, Don't miss, enterprise, Features, Hot stuff, Lasso Security, News, prompt injection, research, threats /

AI agents can leak company data through simple web searches 2025-10-29 at 10:24 By Mirko Zorz When a company deploys an AI agent that can search the web and access internal documents, most teams assume the agent is simply working as intended. New research shows how that same setup can be used to quietly pull

React to this headline:

Loading spinner

AI agents can leak company data through simple web searches Read More »

Early reporting helps credit unions stop fraudulent transfers faster

Artificial Intelligence, cybersecurity, Don't miss, Features, financial industry, fraud, Hot stuff, identity protection, News, VyStar /

Early reporting helps credit unions stop fraudulent transfers faster 2025-10-29 at 08:48 By Mirko Zorz In this Help Net Security interview, Carl Scaffidi, CISO at VyStar Credit Union, discusses how credit unions are adapting to an evolving fraud landscape and strengthening payment security. As cybercriminals leverage social engineering and AI-driven tactics, Scaffidi explains how innovation

React to this headline:

Loading spinner

Early reporting helps credit unions stop fraudulent transfers faster Read More »

Scammers target international students by threatening their visa status

cybercrime, cybersecurity, Don't miss, News, Purdue University, research, scams, threats, USA /

Scammers target international students by threatening their visa status 2025-10-29 at 08:29 By Sinisa Markovic In 2025, the U.S. government revoked thousands of visas from international students, often without warning or explanation. According to a newly released study, this opened a door for scammers. Posing as government officials, police, or university staff, they took advantage

React to this headline:

Loading spinner

Scammers target international students by threatening their visa status Read More »

Proximity: Open-source MCP security scanner

Don't miss, GitHub, News, open source, penetration testing, red team, scanner, scanning, software, threat hunting /

Proximity: Open-source MCP security scanner 2025-10-29 at 08:29 By Mirko Zorz Proximity is a new open-source tool that scans Model Context Protocol (MCP) servers. It identifies the prompts, tools, and resources that a server makes available, and it can evaluate how those elements might introduce security risks. The tool also work with NOVA, a rule

React to this headline:

Loading spinner

Proximity: Open-source MCP security scanner Read More »

Product showcase: Syteca – The human-centric insider threat management platform

Don't miss, Hot stuff, Insider Threat, News, Product showcase, Syteca /

Product showcase: Syteca – The human-centric insider threat management platform 2025-10-29 at 08:00 By Help Net Security Most organizations think the greatest danger lurks outside their walls. But statistics keep proving otherwise. According to Verizon’s 2025 Data Breach Investigation Report, 60% of breaches involve the human element. The real risk often comes from within –

React to this headline:

Loading spinner

Product showcase: Syteca – The human-centric insider threat management platform Read More »

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)

BIND, BSI, DNS, Don't miss, Hot stuff, News, PoC, vulnerability /

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) 2025-10-28 at 19:27 By Zeljka Zorz A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to redirect Internet traffic to potentially malicious sites, distribute malware, or intercept network

React to this headline:

Loading spinner

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) Read More »

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

0-day, APT, Chrome, Don't miss, exploit, Hacking Team, Hot stuff, Kaspersky, Memento Labs, News, spyware, Windows /

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign 2025-10-28 at 16:28 By Zeljka Zorz CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure

React to this headline:

Loading spinner

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign Read More »

Managing legacy medical devices that can no longer be patched

Artificial Intelligence, Compliance, cyber resilience, cybersecurity, Don't miss, Features, healthcare, Hot stuff, medical devices, News, QuidelOrtho, risk, security controls /

Managing legacy medical devices that can no longer be patched 2025-10-28 at 10:22 By Mirko Zorz In this Help Net Security interview, Patty Ryan, Senior Director and CISO at QuidelOrtho, discusses how the long lifecycles of medical devices impact cybersecurity in healthcare environments. She explains how organizations can protect legacy systems, collaborate with vendors, and

React to this headline:

Loading spinner

Managing legacy medical devices that can no longer be patched Read More »

Review: The Wireless Cookbook

Bluetooth, books, Don't miss, networking, News, Raspberry Pi, Review, Reviews, wireless /

Review: The Wireless Cookbook 2025-10-28 at 10:22 By Mirko Zorz The Wireless Cookbook is a project-centered guide to working with Wi-Fi, Bluetooth, and LoRa, written with the Raspberry Pi as the main platform. It is aimed at people who learn through building, experimenting, and breaking things to understand how they work. For security professionals, this

React to this headline:

Loading spinner

Review: The Wireless Cookbook Read More »

Chain of security weaknesses found in smart air compressor model

cyber risk, cybersecurity, Don't miss, hardware, IIoT, News /

Chain of security weaknesses found in smart air compressor model 2025-10-28 at 10:22 By Sinisa Markovic Contractors and workshops often rely on air compressors to power their tools and keep projects running. But when those compressors are connected to the internet, convenience can introduce new risks. Researchers at George Mason University found that the California

React to this headline:

Loading spinner

Chain of security weaknesses found in smart air compressor model Read More »

Cybersecurity jobs available right now: October 28, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: October 28, 2025 2025-10-28 at 07:12 By Anamarija Pogorelec Analyst, Cybersecurity Threat Intelligence Brookfield Renewable | Canada | On-site – View job details As a Cybersecurity Threat Intelligence Analyst, you will run monthly vulnerability scans across IT and OT environments, track remediation progress, and report results. You will collect and

React to this headline:

Loading spinner

Cybersecurity jobs available right now: October 28, 2025 Read More »

eBook: A quarter century of Active Directory

Don't miss, Enzoic, Hot stuff, News, Whitepapers and webinars /

eBook: A quarter century of Active Directory 2025-10-27 at 16:57 By Help Net Security Active Directory (AD) remains the backbone of enterprise identity and a prime target for attackers. Explore its 25-year history, evolving risks, and how organizations can modernize password security. This eBook shows why AD defenses must evolve and how to stop credential-based

React to this headline:

Loading spinner

eBook: A quarter century of Active Directory Read More »

Ransomware, extortion groups adapt as payment rates reach historic lows

Coveware, data theft, Don't miss, extortion, Hot stuff, Insider Threat, News, Ransomware, remote access, social engineering, trends /

Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according

React to this headline:

Loading spinner

Ransomware, extortion groups adapt as payment rates reach historic lows Read More »

72 states sign first global UN Convention against Cybercrime

cybercrime, Government, law enforcement, News, United Nations /

72 states sign first global UN Convention against Cybercrime 2025-10-27 at 14:32 By Anamarija Pogorelec The world’s first global convention to prevent and respond to cybercrime opened for signature today in Hanoi, Vietnam, and will remain open at United Nations Headquarters in New York until 31 December 2026. Adopted by the UN General Assembly in

React to this headline:

Loading spinner

72 states sign first global UN Convention against Cybercrime Read More »

Can your earbuds recognize you? Researchers are working on it

Arduino, authentication, biometrics, cybersecurity, Don't miss, Features, hardware, Hot stuff, News, research, wearable tech, wireless /

Can your earbuds recognize you? Researchers are working on it 2025-10-27 at 09:05 By Mirko Zorz Biometric authentication has moved from fingerprints to voices to facial scans, but a team of researchers believes the next step could be inside the ear. New research explores how the ear canal’s unique acoustic properties can be used to

React to this headline:

Loading spinner

Can your earbuds recognize you? Researchers are working on it Read More »

Dependency-Track: Open-source component analysis platform

cybersecurity, data analysis, Don't miss, GitHub, News, open source, software /

Dependency-Track: Open-source component analysis platform 2025-10-27 at 08:46 By Sinisa Markovic Software is a patchwork of third-party components, and keeping tabs on what’s running under the hood has become a challenge. The open-source platform Dependency-Track tackles that problem head-on. Rather than treating software composition as a one-time scan, it continuously monitors every version of every

React to this headline:

Loading spinner

Dependency-Track: Open-source component analysis platform Read More »

DDoS, data theft, and malware are storming the gaming industry

Check Point, cybersecurity, Don't miss, EQS Group, Netscout, News, online gaming, threats /

DDoS, data theft, and malware are storming the gaming industry 2025-10-27 at 08:46 By Sinisa Markovic When the pandemic kept people at home in 2020, millions turned to games for an escape. The surge turned every console, PC, and phone into part of a vast online network. More players meant more logins, payments, and personal

React to this headline:

Loading spinner

DDoS, data theft, and malware are storming the gaming industry Read More »

Scroll to Top