No one knows how many old shims can still bypass UEFI Secure Boot

The vast majority of UEFI computers carry a Microsoft certificate that will trust a small first-stage loader called a shim, a program Microsoft signs so that Linux and assorted boot tools can run with Secure Boot on. Eleven of those signed shims turned… Continue reading No one knows how many old shims can still bypass UEFI Secure Boot

The best defense against AI attacks turns out to be a skeptical human

Analysts across the security industry now run generative AI through their daily work, from log triage to incident write-ups. Active use in cybersecurity strategy reached 78% of practitioners in 2026, up from half the field a year earlier. The 2026 SANS… Continue reading The best defense against AI attacks turns out to be a skeptical human

Fake OAuth client IDs are helping attackers slip past sign-in logs

Attackers running account enumeration against Microsoft cloud tenants have added a step that keeps their probing out of the usual telemetry. They spoof the OAuth client ID, the globally unique identifier assigned to an application and passed as client_… Continue reading Fake OAuth client IDs are helping attackers slip past sign-in logs

Cynative: Open-source deep research agent

Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke around can delete a bucket, flip a permission, or leak a secret on its way t… Continue reading Cynative: Open-source deep research agent

Orbia CISO Miranda Ritchie on building security into sustainable infrastructure

In this interview with Help Net Security, industrial cybersecurity, CISO at Orbia, talks about protecting industrial systems where software runs water, chemical and manufacturing processes. She explains why a cyber incident in these settings can harm p… Continue reading Orbia CISO Miranda Ritchie on building security into sustainable infrastructure

OpenAI and Anthropic are pulling in different directions

Companies are handing routine operational decisions to AI agents that plan, remember, and act on their behalf. These agents run on statistical models, and their behavior can drift across weeks and months. That drift opens a security gap outside the rea… Continue reading OpenAI and Anthropic are pulling in different directions

Researchers make the case for a cybersecurity AI scientist

Autonomous AI agents have started doing real security work. Language-model agents probe software for flaws, run penetration tests, and chain together attack steps that once needed a human operator. Research about security has stayed slower and more man… Continue reading Researchers make the case for a cybersecurity AI scientist

Securing the inbox: Where identity, brand and security meet

Getting a verified logo to appear next to your email has traditionally meant having to work with two separate entities. You have to work with a DMARC partner for setting up DMARC and BIMI, then use a trusted Certificate Authority (CA) to purchase a Mar… Continue reading Securing the inbox: Where identity, brand and security meet

The endpoint recovery gap many teams discover during an incident

In this interview with Help Net Security, IGEL CTO Matthias Haas explains why backups alone do not equal recovery. He makes the case that endpoint recovery is often overlooked, leaving organizations exposed when thousands of devices go down at once. Ha… Continue reading The endpoint recovery gap many teams discover during an incident