You can’t audit how AI thinks, but you can audit what it does

In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why... Read more »

Passwordless adoption moves from hype to habit

With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are... Read more »

The secret to audit success? Think like your auditor

In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for an audit.... Read more »

Infosec products of the month: October 2025

Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Akeyless, Axoflow, Blumira, Cayosoft, Confluent, Corelight, Elastic, Illumio, Legit Security, Netscout, NowSecure, Nozomi... Read more »

U.S. CISA adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds XWiki Platform, and Broadcom VMware Aria Operations and VMware Tools flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and... Read more »

Brush exploit can cause any Chromium browser to collapse in 15-60 seconds

“Brash” flaw in Chromium’s Blink engine lets attackers crash browsers instantly via a single malicious URL, researcher Jose Pino revealed. Security researcher Jose Pino found a severe vulnerability, named... Read more »

WhatsApp now lets you secure chat backups with passkeys

Messaging service WhatsApp is launching passkey-encrypted chat backups for iOS and Android, allowing users to encrypt their stored message history using their face, fingerprint, or device screen-lock code. Backups... Read more »

Upwind unveils AI-powered Exposure Validation Engine to redefine dynamic CSPM

Upwind has launched its Exposure Validation Engine, a capability that introduces dynamic, real-time validation into the Cloud Security Posture Management (CSPM) layer. This innovation enables security, engineering, and compliance... Read more »

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix... Read more »

Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia

Former US defense contractor exec Peter Williams pled guilty to stealing trade secrets and selling cyber exploits to a Russian broker, per the US DOJ. Ex-US defense contractor Peter... Read more »
Subscribe to our Newsletter