Collaborate Disseminate
In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business strategy, and what she heard from engineers, the board, and customers during her ear… Continue reading A year in, Zoom’s CISO reflects on balancing security and business
Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems every day. LangWatch has released Scenario, an open-source framework that run… Continue reading Scenario: Open-source framework for automated AI app red-teaming
The 2026 InsurSec Report from At-Bay, covering more than 100,000 policy years of claims data, documents a 7% year-over-year rise in overall claim frequency and an all-time high average severity of $221,000. Ransomware severity reached $508,000, up 16% … Continue reading Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks
Racks of phones and 4G modems, connected to carrier networks and rented out as commercial mobile proxy services, are operating across at least 94 locations in 17 countries. An investigation by infrastructure intelligence firm Infrawatch traced a large … Continue reading A single platform powers SIM farm proxy networks across 17 countries
NFC-based payment fraud is expanding geographically and operationally. A campaign active since November 2025 is targeting Android users in Brazil using a new variant of the NGate malware family, this time embedded in a trojanized version of HandyPay, a… Continue reading NGate NFC malware targets Android users through trojanized payment app
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an attacker would do in their specific environment. What the tool does SmokedMeat takes… Continue reading SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Roughly 40% of employees worldwide said they experienced a lot of stress during the previous day, according to Gallup’s State of the Global Workplace 2026 report, a figure that has remained above pre-pandemic levels for several years. Daily anger… Continue reading Workplace stress in 2026 is still worse than before the pandemic
Proofpoint researchers executed a malicious payload from a threat actor known to target trucking and logistics companies in late February 2026, doing so inside a decoy environment. The environment stayed compromised for more than 30 days, long enough f… Continue reading Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug
A U.S. Supreme Court ruling issued in March has settled a question that has circulated among platform operators and developers for years: whether a service provider can be held liable for copyright infringement committed by its users without evidence o… Continue reading GitHub lays out copyright liability changes and upcoming DMCA review for developers
Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The … Continue reading EU cybersecurity standards are at risk if supplier ban passes