Why shorter SSL/TLS certificate lifespans matter

Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve... Read more »

Cybercriminal groups embrace corporate structures to scale, sustain operations

In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale operations, retain talent, and evade... Read more »

94% of firms say pentesting is essential, but few are doing it right

Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest... Read more »

Chief Legal Officers step up in cybersecurity oversight

In this Help Net Security video, Jennifer Chen, Executive Director of the Association of Corporate Counsel (ACC) Foundation, discusses how globally, Chief Legal Officers (CLOs) are becoming integral leaders... Read more »

Cybersecurity jobs available right now: April 15, 2025

CISO Department of Justice | Australia | On-site – View job details As a CISO, you will be responsible for developing and implementing a cyber security strategy as well... Read more »

New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms

New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data. Morphisec researchers discovered a new malware dubbed ‘ResolverRAT’ that is targeting healthcare and... Read more »

Malicious NPM packages target PayPal users

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target PayPal users. The packages were... Read more »

How to Use LastPass Password Manager

Learn how to set up and use LastPass password manager. Start managing and storing your passwords with this step-by-step guide. Read more »

Package hallucination: LLMs may deliver malicious code to careless devs

LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence... Read more »

Tycoon2FA phishing kit rolled out significant updates

The operators of the Phishing-as-a-Service (PhaaS) platform Tycoon2FA have rolled out significant updates to enhance its evasion capabilities. Tycoon2FA, a phishing kit discovered in 2023 by cybersecurity firm Sekoia,... Read more »
Subscribe to our Newsletter