The year ahead in cyber: What’s next for cybersecurity in 2026 2025-11-17 at 07:31 By Help Net Security In this Help Net Security video, Dick O’Brien, Principal Intelligence Analyst at Symantec, outlines the major cyber risks expected in 2026. He explains that attackers are often breaching networks by targeting people instead of exploiting software flaws. […]
The year ahead in cyber: What’s next for cybersecurity in 2026 Read More »
The next tech divide is written in AI diffusion 2025-11-17 at 07:05 By Anamarija Pogorelec AI is spreading faster than any major technology in history, according to a Microsoft report. More than 1.2 billion people have used an AI tool within three years of the first mainstream releases. The growth is fast, but it puts
The next tech divide is written in AI diffusion Read More »
Week in review: Windows kernel flaw patched, suspected Fortinet FortiWeb zero-day exploited 2025-11-16 at 11:10 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Adopting a counterintelligence mindset in luxury logistics In this Help Net Security interview, Andrea Succi, Group CISO at Ferrari Group, discusses
Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims 2025-11-14 at 17:03 By Zeljka Zorz Anthropic threat researchers believe that they’ve uncovered and disrupted the first documented case of a cyberattack executed with the help of its agentic AI and minimal human intervention. “The threat actor manipulated [Anthropic’s large
Art and Science: Cyber and Physical Security Convergence Deficiencies in the Louvre Heist 2025-11-14 at 15:06 By William Evers and Anthony Abell Cyber meets physical security: Weak passwords and outdated systems may have opened the door to the thieves. A warning for all industries: The Louvre incident shows why converging cybersecurity and physical security is
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn 2025-11-14 at 14:10 By Zeljka Zorz A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on vulnerable, internet-facing devices. Whether intentionally or accidentally, the vulnerability (or this specific path for triggering it) has
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn Read More »
Why your security strategy is failing before it even starts 2025-11-14 at 09:25 By Mirko Zorz In this Help Net Security interview, Adnan Ahmed, CISO at Ornua, discusses how organizations can build a cybersecurity strategy that aligns with business goals. He explains why many companies stumble by focusing on technology before understanding risk and shares
Why your security strategy is failing before it even starts Read More »
Los Alamos researchers warn AI may upend national security 2025-11-14 at 09:25 By Sinisa Markovic For decades, the United States has built its defense posture around predictable timelines for technological progress. That assumption no longer holds, according to researchers at Los Alamos National Laboratory. Their paper argues that AI is advancing so quickly that the
Los Alamos researchers warn AI may upend national security Read More »
Protecting mobile privacy in real time with predictive adversarial defense 2025-11-14 at 09:25 By Sinisa Markovic Mobile sensors are everywhere, quietly recording how users move, tilt, or hold their phones. The same data that powers step counters and activity trackers can also expose personal details such as gender, age, or even identity. A new study
Protecting mobile privacy in real time with predictive adversarial defense Read More »
What happens when employees take control of AI 2025-11-14 at 07:42 By Anamarija Pogorelec Executives may debate AI strategy, but many of the advances are happening at the employee level. A recent Moveworks study shows that AI adoption is being led from the ground up, with employees, not senior leaders, driving the change. The research
What happens when employees take control of AI Read More »
New infosec products of the week: November 14, 2025 2025-11-14 at 07:42 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Action1, Avast, Cyware, Firewalla, and Nokod Security. Action1 addresses Intune gaps with patching and risk-based vulnerability prioritization Action1 announced new integrations that extend Microsoft Intune
New infosec products of the week: November 14, 2025 Read More »
Fake spam filter alerts are hitting inboxes 2025-11-13 at 19:02 By Zeljka Zorz A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The emails The bogus email alerts look like they are coming from the recipient’s email domain, and falsely claim that due to a
Fake spam filter alerts are hitting inboxes Read More »
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) 2025-11-13 at 17:14 By Zeljka Zorz CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls. “In CISA’s analysis of agency-reported data, CISA has identified devices marked as ‘patched’
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again) Read More »
Rhadamanthys infostealer operation disrupted by law enforcement 2025-11-13 at 14:05 By Zeljka Zorz The rumors were true: Operation Endgame, a joint effort between law enforcement and judicial authorities of several European countries, Australia, Canada, the UK and the US, has disrupted the infrastructure supporting the operation of the Rhadamanthys infostealer. “Between 10 and 14 November
Rhadamanthys infostealer operation disrupted by law enforcement Read More »
Healthcare security is broken because its systems can’t talk to each other 2025-11-13 at 09:39 By Mirko Zorz In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With hospitals, clinics, telehealth, and cloud partners all in the mix, maintaining visibility remains a
Healthcare security is broken because its systems can’t talk to each other Read More »
Wanna bet? Scammers are playing the odds better than you are 2025-11-13 at 08:52 By Sinisa Markovic Placing a bet has never been this easy, and that’s the problem. The convenience of online gambling is the same thing scammers are cashing in on. Whether it’s a fake app, a “can’t-miss” tipster, or a rigged casino,
Wanna bet? Scammers are playing the odds better than you are Read More »
Sprout: Open-source bootloader built for speed and security 2025-11-13 at 08:26 By Sinisa Markovic Sprout is an open-source bootloader that delivers sub-second boot times and uses a clean, data-driven configuration format that works across operating systems. “We built Sprout because we were frustrated by how fragile and slow traditional bootloaders are,” said Alex Zenla, CTO
Sprout: Open-source bootloader built for speed and security Read More »
Automation can’t fix broken security basics 2025-11-13 at 07:39 By Anamarija Pogorelec Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why Basic Security Still Fails report. Leadership often focuses on broad resilience goals while the day-to-day work that supports
Automation can’t fix broken security basics Read More »
The browser is eating your security stack 2025-11-13 at 07:39 By Anamarija Pogorelec Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security
The browser is eating your security stack Read More »
Google adds Emerging Threats Center to speed detection and response 2025-11-12 at 19:02 By Sinisa Markovic When a new vulnerability hits the news, security teams often scramble to find out if they are at risk. The process of answering that question can take days or weeks, involving manual research, rule-writing, and testing. Google Security Operations
Google adds Emerging Threats Center to speed detection and response Read More »