NVIDIA research shows how agentic AI fails under attack
Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class…
Category: HelpnetSecurity
The Bastion: Open-source access control for complex infrastructure
Operational teams know that access sprawl grows fast. Servers, virtual machines and network gear all need hands-on work and each new system adds more identities…
Invisible IT is becoming the next workplace priority
IT leaders want their employees to work without running into digital hurdles, but many still struggle with fragmented systems that slow teams down. A new…
CISOs are spending big and still losing ground
Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz…
Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creative cybersecurity strategies for resource-constrained institutionsIn this Help Net Security…
Building the missing layers for an internet of agents
Cybersecurity teams are starting to think about how large language model agents might interact at scale. A new paper from Cisco Research argues that the…
Data brokers are exposing medical professionals, and turning their personal lives into open files
Large amounts of personal information about medical professionals are available on people search sites. A new analysis by Incogni’s researchers shows how much data about…
New infosec products of the week: December 5, 2025
Here’s a look at the most interesting products from the past week, featuring releases from BlackFog, Datadog, Forward Edge-AI, SandboxAQ, and Upwind. BlackFog releases ADX…
Malicious Rust packages targeted Web3 developers
A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for the…
Darktrace / Email strengthens behavioral detection, DLP, and SOC integrations
Darktrace announced a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections, and streamline…
Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the React development…
A day in the life of the internet tells a bigger story
On any given day, the internet carries countless signals that hint at how networks behave behind the scenes. Researchers from RIPE NCC and several universities…