Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root
Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety...
Help Net Security
20 articles
Škoda confirms unauthorized access to its online shop
Car manufacturer Škoda discovered that attackers had exploited a vulnerability in its online shop software and gained temporary unauthorized access to the sy...
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It co...
HEIDI: Free IDE security plugin for open-source vulnerability checks
Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, ins...
The hidden smart fridge risks that emerge years after purchase
Household refrigerators are built to last more than a decade. The software, cloud services, and mobile apps that control them are not.
Cybersecurity jobs available right now: May 12, 2026
Application Security Engineer Total Quality Logistics | USA | On-site – View job details As an Application Security Engineer, you will design, implement, and...
iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users
Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5.
Zimperium Mobile App Response Agent helps security teams counter mobile attacks
Zimperium launched Mobile App Response Agent, enabling security teams to respond faster than ever before to fraud and security threats.
Red Hat extends open source technology into space
Red Hat and Voyager Technologies announced the successful deployment of Red Hat Enterprise Linux 10.1 and Red Hat Universal Base Image (UBI) to Voyager’s LEO...
Poor security left hackers inside water company network for nearly two years
The UK’s data protection regulator, the Information Commissioner’s Office (ICO), fined South Staffordshire Water’s parent company £963,900 over security fail...
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-s...
Alation AI Governance creates a system of record for AI oversight
Alation has introduced Alation AI Governance, a new offering that gives enterprises the system of record they are missing for AI compliance. Enterprises are ...
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnera...
SailPoint Agentic Fabric expands identity governance to autonomous AI agents
SailPoint has introduced SailPoint Agentic Fabric, a new platform designed to help enterprises secure AI agents and other non-human identities at scale. As o...
Police take down relaunched criminal marketplace with 22,000 users, €3.6 million in revenue
German authorities shut down a relaunched version of the criminal marketplace Crimenetwork and arrested its suspected operator. The domain seizure notice (So...
Instagram messaging encryption removed, and privacy advocates are pushing back
After introducing optional end-to-end encrypted messaging in 2023, Instagram announced in March 2026 that encryption for direct messages would be discontinue...
The questionnaire-based TPRM model is broken, and TrustCloud has a fix
TrustCloud announced a new version of TrustLens, its third party risk management (TPRM) solution. The new TrustLens agentic AI capabilities focus on deliveri...
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained st...
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders r...
Review: Foundations of Cybersecurity, 2nd edition
Jason Andress has refreshed his introductory security text for No Starch Press. He writes in the introduction that the term security now extends past data ce...