Help Net Security

LLMs’ tendency to “hallucinate” code packages that don’t exist could become the basis for a new type of supply chain attack dubbed “slopsquatting” (courtesy of Seth Larson, Security Developer-in-Residence at the Python Software Foundation). A known occurrence Many software developers nowadays use large language models (LLMs) to help with their programming. And, unfortunately, LLMs’ known tendency to spit out fabrications and confidently present them as facts when asked questions on various topics extends to coding. … More →

The post Package hallucination: LLMs may deliver malicious code to careless devs appeared first on Help Net Security.

As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use large language models. CISOs cannot treat this as a secondary concern. To reduce risk, security leaders should focus on policy, visibility, and culture. Set clear rules about what data can and cannot be entered into AI systems. Monitor usage to identify shadow AI before it becomes … More →

The post The quiet data breach hiding in AI workflows appeared first on Help Net Security.

Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, mobile apps, intranets, and e-commerce websites. “Our aim is to liberate online fraud protection technologies, making them widely available for organizations of any size. Tirreno is designed to be as easy to set up as typical website analytics tools. Unlike most cyberfraud prevention services, Tirreno is not solely focused on transactions or … More →

The post Tirreno: Open-source fraud prevention platform appeared first on Help Net Security.

Data breaches are rising across industries, hitting healthcare, finance, and retail especially hard. The damage goes beyond lost data, as it’s financial, operational, and reputational.

The post Sector by sector: How data breaches are wrecking bottom lines appeared first on Help Net Security.

Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even data breaches are more expensive if an organization is non-compliant. In recent years, organizations across various sectors have faced significant fines for non-compliance with regulations such as HIPAA, GDPR, and CCPA. The high cost of … More →

The post Organizations can’t afford to be non-compliant appeared first on Help Net Security.

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack. WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the … More →

The post Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed appeared first on Help Net Security.

A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original access vector was locked down, Fortinet has revealed on Thursday. “[Read-only access] was achieved via creating a symbolic link connecting the user filesystem and the root filesystem in a folder used to serve language files for the SSL-VPN,” Fortinet CISO Carl … More →

The post Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices appeared first on Help Net Security.

Today, in the age of quantum threats, AI and sophisticated digital manipulations, the question is: where does the human factor end, and where does technology begin? This reality, primarily in the context of cybersecurity, will be discussed at the Span Cyber Security Arena conference, which will be held in Opatija, May 19-21. After last year’s conference gathered more than 500 visitors in Zagreb in just one day, this year’s three-day edition brings more than 30 … More →

The post Span Cyber Security Arena 2025: Infosec leaders to discuss the future of digital defense appeared first on Help Net Security.

KELA unveiled Digital Cyber Analysts, next-generation AI-powered digital employees designed to transform how security teams consume, prioritize, and act on threat intelligence. These always-on, interactive agents enhance the speed and efficiency of both enterprise security teams, government and law enforcement organizations and security service providers delivering reliable, context-rich insights in seconds that dramatically reduce analyst workload. While the industry faces an increasing cybersecurity talent shortage, combined with the proliferation of threat actors leveraging dark AI … More →

The post KELA Digital Cyber Analysts improves security teams’ efficiency appeared first on Help Net Security.

In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets. From a threat modeling perspective, what unique adversary tactics do you see in the crypto space that don’t often appear in traditional finance? The adversaries themselves aren’t fundamentally different between traditional finance and the crypto industry, but certain of the tactics they employ are … More →

The post Why security culture is crypto’s strongest asset appeared first on Help Net Security.

Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average cost of these third-party incidents jumped by 72%. “Remote access tools like VPNs and RDP continue to attract a high level of attention from cybercriminals. In 2024, they were correlated with 80% of ransomware attacks, up … More →

The post Ransomware groups push negotiations to new levels of uncertainty appeared first on Help Net Security.

Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations. Remote work cybersecurity challenges Unsecured networks: Workers often operate from home or public Wi-Fi networks that don’t have the security features of corporate environments. Bring Your Own Device (BYOD): Personal devices are frequently used for work, but these devices may not have the same security protections as company-issued ones. They often lack up-to-date software, antivirus protection, and can … More →

The post Why remote work is a security minefield (and what you can do about it) appeared first on Help Net Security.

2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for the onset of their attacks to steal credentials and infiltrate the enterprise cloud in a pathway known as the modern kill chain. More than ever, organizations of every size across every industry must view mobile targeting as a canary in the coal mine – … More →

The post iOS devices face twice the phishing attacks of Android appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security. Jit launches AI agents to ease AppSec workload Jit has launched its new AI agents to offload specific and tedious tasks from AppSec teams such as creating risk assessments, threat models, and compliance reports; while making it easy to take action on mitigating security risk. As a result, AppSec teams can … More →

The post New infosec products of the week: April 11, 2025 appeared first on Help Net Security.

CyberArk announced the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform. The solution will help organizations mitigate new and unique identity-centric risks as AI agents autonomously communicate with other agents, access sensitive information, escalate privileges, interact with critical infrastructure, and modify their behaviors to accomplish complex tasks. According to Gartner, “By 2028, 25% of enterprise breaches will be traced back to … More →

The post CyberArk releases identity security solution for AI agents appeared first on Help Net Security.

US President Donald Trump has signed an Executive Order on Wednesday to revoke security clearance held by Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), and his colleagues at SentinelOne. “The Order also suspends any active security clearance held by individuals at entities associated with Krebs, including SentinelOne, pending a review of whether such clearances are consistent with the national interest,” the White House announced. The EO also effectively orders … More →

The post Trump orders revocation of security clearances for Chris Krebs, SentinelOne appeared first on Help Net Security.

Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet offers a range of FortiSwitch networking appliances, including access switches, distribution switches (for managing traffic), industrial/rugged switches, and core switches designed for data centers. Fortinet describes CVE-2024-48887 as an unverified password change vulnerability in the FortiSwitch … More →

The post FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) appeared first on Help Net Security.

Seal Security launched Seal Base Images, a solution designed to future-proof containerized applications. Seal Base Images delivers secure, continuously updated, and vulnerability-free base images, effectively eliminating up to 99% of potential future vulnerabilities. Standard container base images frequently contain unpatched vulnerabilities, creating significant security risks. Slow and inconsistent patching processes, coupled with unclear SBOMs, leave applications exposed. Seal Base Images directly addresses these challenges by providing hardened, reliably maintained base images with fast, consistent vulnerability … More →

The post Seal Base Images mitigates container vulnerabilities appeared first on Help Net Security.

Keysight Technologies announces the Next-Generation Embedded Security Testbench, a consolidated and scalable test solution designed to address the increasing complex security testing demands of modern chips and embedded devices. This new solution offers enhanced flexibility, reduces test setup complexities, and improves the reliability and repeatability of critical security evaluations. The proliferation of connected devices and the escalating sophistication of security threats create significant challenges for developers and security labs. Traditional security testing often involves cumbersome … More →

The post Keysight simplifies security testing for modern chips and embedded devices appeared first on Help Net Security.

One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks for a summary. Just like that, confidential information is ingested into a third-party model beyond your control. Even with data loss prevention (DLP) policies, AI data leaks are challenging to prevent. If the AI system is cloud-based and employees can access it externally, companies may never know … More →

The post How to find out if your AI vendor is a security risk appeared first on Help Net Security.