GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a po...
Help Net Security
20 articles
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them...
Virtru centers file collaboration around data-level protection
Virtru unveiled Virtru Collaborate, a new offering that eliminates that tradeoff, a FedRAMP authorized space where sensitive files are encrypted and protecte...
ASAPP expands adversarial testing for enterprise AI systems
ASAPP has launches Continuous Red Teaming, a new capability that integrates adversarial AI testing directly into ASAPP’s model evaluation framework. The new ...
Tenable Hexa AI automates remediation across attack surfaces
Tenable has announced the general availability of Tenable Hexa AI, the agentic AI engine of the Tenable One Exposure Management Platform. Tenable Hexa AI is ...
Riverbed introduces new Aternity tools for autonomous IT operations
Riverbed has announced new capabilities for Aternity designed to support autonomous IT operations for digital experience management. The updates help digital...
Forward launches Predict to test network changes before deployment
Forward has unveiled Forward Predict, a new capability that allows organizations to evaluate the impact of network changes before deployment. By testing prop...
CTERA brings AI insights and automation for unstructured data
CTERA has announced the launch of CTERA InsightAI, an agentic AI intelligence layer for the CTERA Intelligent Data Platform. The new capability is designed t...
Terra adds continuous network exploitation validation to its platform
Terra Security has announced the public preview of continuous exploitation validation for network infrastructure, now available to all customers through the ...
Why AI changed the threat model for travel technology
In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to globa...
Most dark web activity revolves around a handful of topics
Dark web activity often becomes visible during marketplace seizures, major data leaks, or sudden spikes in criminal activity. Those events can create an impr...
AI red teaming agents change how LLMs get tested
Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Cresc...
Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, uns...
Cyber threats push SMBs to spend more on security
Cybersecurity has become a key priority for small and medium-sized businesses due to growing threats and wider AI adoption. An IDC survey of 2,200 SMBs in ei...
Webworm APT targets European government organizations with new backdoors
ESET has released an analysis of the 2025 activity of Webworm, a China-aligned APT group tracked as Space Pirates and UAT-8302. Active since at least 2022, t...
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Ve...
NanoCo lands $12 million seed funding, launches enterprise assistant built on NanoClaw
NanoCo announced a $12 million seed round, alongside the commercial launch of a professional assistant built on its open-source agent framework NanoClaw. Val...
FBI: $388 million lost in crypto ATM scams in 2026
Americans lost more than $388 million to crypto kiosk scams in 2025, with the FBI warning that criminals are increasingly directing victims to transfer funds...
ArmorCode gives security teams AI workers for exposure and remediation
ArmorCode has announced Anya Agents, a new agentic AI framework delivered on the patented ArmorCode Agentic AI Platform that enables organizations to operati...
Novata uses AI to map risk across portfolios and supply chains
Novata has announced the launch of Risk Atlas, a new AI-powered risk monitoring tool designed to help organizations identify, compare, and prioritize risks a...