Malicious GitHub pages lure MacOS users into installing Atomic infostealer
MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the…
Category: HelpnetSecurity
Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)
If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or…
OpenID Foundation sets new standards for real-time security event sharing
The OpenID Foundation (OIDF) has approved three Final Specifications, establishing the first global standards for real-time security event sharing across digital identity systems. The approved…
Cybersecurity AI (CAI): Open-source framework for AI security
Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone…
How Juventus protects fans, revenue, and reputation during matchdays
In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has…
Kubernetes matures as AI and GitOps reshape operations
Kubernetes has moved well past its early adoption phase. The new Komodor 2025 Enterprise Kubernetes Report shows that technical teams are shifting their focus from…
AI needs ethics to avoid real-world harm
In this Help Net Security video, Brittany Allen, Senior Trust and Safety Architect at Sift, explores how the rise of AI agents is creating new…
Week in review: Chrome 0-day fixed, npm supply chain attack, LinkedIn data used for AI
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Most enterprise AI use is invisible to security teamsMost enterprise…
ImmuniWeb offers free tool to test quantum resilience of TLS stacks
ImmuniWeb has released a free online tool that checks whether websites are protected by post-quantum cryptography (PQC). The tool analyzes SSL/TLS configurations and verifies their…
Astra API Security Platform secures undocumented and vulnerable APIs
Astra Security has launched its API Security Platform, designed to identify undocumented, zombie, and shadow APIs that threaten infrastructure and expose sensitive PII. Instead of…
Shifting supply chains and rules test CPS security strategies
Cyber-physical systems are getting harder to protect as the business landscape keeps shifting. Economic pressures, supply chain changes, and new regulations are creating more openings…
LLMs can boost cybersecurity decisions, but not for everyone
LLMs are moving fast from experimentation to daily use in cybersecurity. Teams are starting to use them to sort through threat intelligence, guide incident response,…