Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft breach
In the wake of last week’s revelation of a breach at Salesloft by a group tracked by Google as UNC6395, several companies – including Zscaler,…
Category: HelpnetSecurity
Can AI agents catch what your SOC misses?
A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the…
Complexity and AI put identity protection to the test
Identity has become a core pillar of cybersecurity strategy. Remote work, cloud-first adoption, and distributed supply chains have moved identity from “a tactical IT consideration…
GenAI is fueling smarter fraud, but broken teamwork is the real problem
More than 80 percent of large U.S. companies were targeted by socially engineered fraud in the past year, according to Trustmi’s 2025 Socially Engineered Fraud…
AIDEFEND: Free AI defense framework
AIDEFEND (Artificial Intelligence Defense Framework) is an open knowledge base dedicated to AI security, providing defensive countermeasures and best practices to help security pros safeguard…
KillChainGraph: Researchers test machine learning framework for mapping attacker behavior
A team of researchers from Frondeur Labs, DistributedApps.ai, and OWASP has developed a new machine learning framework designed to help defenders anticipate attacker behavior across…
Boards are being told to rethink their role in cybersecurity
Boards of directors are being told that cybersecurity is now central to business resilience and growth, and that they must engage more directly in the…
Cybersecurity signals: Connecting controls and incident outcomes
There is constant pressure on security leaders to decide which controls deserve the most attention and budget. A new study offers evidence on which measures…
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via…
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms
A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial…
New framework aims to outsmart malware evasion tricks
Attackers have learned how to trick machine learning malware detectors with small but clever code changes, and researchers say they may finally have an answer.…
Finding connection and resilience as a CISO
With sensitive information to protect and reputational risk always in the background, it isn’t easy for security leaders to have open conversations about what’s working…