Anubis: Open-source web AI firewall to protect from scraper bots
Anubis is an open-source tool designed to protect websites from automated scraping and abusive traffic by adding computational friction before a request is served. Maintained…
Category: HelpnetSecurity
NIST issues guidance on securing smart speakers
Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal…
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission…
Identity risk is changing faster than most security teams expect
Security leaders are starting to see a shift in digital identity risk. Fraud activity is becoming coordinated, automated, and self-improving. Synthetic personas, credential replay, and…
AI isn’t one system, and your threat model shouldn’t be either
In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a…
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large…
Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
NAKIVO Backup & Replication v11.1 brings a host of benefits to MSPs and their clients. It eliminates the need for client-side port configuration, enhances security…
New infosec products of the week: December 19, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Apiiro, Astra Security, Push Security, Trellix, and XM Cyber. Apiiro…
Crypto theft in 2025: North Korean hackers continue to dominate
When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new…
Apiiro unveils AI SAST built on deep code analysis to eliminate false positives
Apiiro introduced Apiiro AI SAST, a new approach to static application security testing (SAST) that automates code risk detection, validation and fixes with the precision…
Microsoft 365 users targeted in device code phishing attacks
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses…
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs…