Help Net Security

OpenAI expands its cyber defense program with GPT-5.4-Cyber for vetted researchers

April 15, 2026 add comment
Defending critical software has long depended on the ability to find and fix vulnerabilities faster than attackers can exploit them. OpenAI is expanding a program designed to give professional... Read more »

The exploit gap is closing, and your patch cycle wasn’t built for this

April 15, 2026 add comment
The Cloud Security Alliance has published a briefing on what it calls a turning point in the threat landscape: the time between a vulnerability being discovered and a working... Read more »

Coordinated vulnerability disclosure is now an EU obligation, but cultural change takes time

April 15, 2026 add comment
In this Help Net Security interview, Nuno Rodrigues Carvalho, Head of Sector for Incident and Vulnerability Services at ENISA, discusses the recent CVE funding scare and what it exposed... Read more »

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab

April 15, 2026 add comment
Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put them at risk. Legitify, an... Read more »

Product showcase: Stop secrets from leaking through AI coding tools with GitGuardian

April 15, 2026 add comment
AI coding assistants are quickly becoming part of everyday development. Tools like Cursor, Claude Code, and GitHub Copilot can now do more than suggest code. They can read files,... Read more »

Network segmentation projects fail in predictable patterns

April 15, 2026 add comment
Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed segmentation projects... Read more »

Network segmentation projects fail in predictable patterns

April 15, 2026 add comment
Most enterprise networks have segmentation on the roadmap. Many have had it there for years. A survey of 400 U.S.-based network security practitioners who lived through failed segmentation projects... Read more »

Microsoft ends desktop detour for sensitivity labels in Office web apps

April 14, 2026 add comment
Microsoft is rolling out an update to Office for the web that removes a long-standing limitation around document protection, adding new control to browser-based apps. Specifying users in the... Read more »

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support

April 14, 2026 add comment
OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older versions. SSLv3, SSLv2... Read more »

Testing reveals Claude Mythos’s offensive capabilities and limits

April 14, 2026 add comment
Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successfully engage... Read more »
Subscribe to our Newsletter