Collaborate Disseminate
In this Help Net Security interview, Aqsa Taylor, Chief Security Evangelist, Exaforce, explains vibe hunting, an AI-driven approach to threat detection that inverts traditional hypothesis-driven methods. Instead of analysts defining attack vectors upfr… Continue reading What vibe hunting gets right about AI threat hunting, and where it breaks down
Lead generation websites that offer health insurance quotes collect sensitive personal data and sell it to multiple buyers within seconds of a user clicking submit. A study by researchers at UC Davis, Stanford University, and Maastricht University mapp… Continue reading Health insurance lead sites sell personal data within seconds of form submission
In this Help Net Security video, Itamar Apelblat, CEO of Token Security, walks through findings from the company’s research, which shows that 65% of agentic chatbots have never been used yet still hold live access credentials. He explains why org… Continue reading AI agent intent is a starting point, not a security strategy
AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the MIT license, addresses that gap by attaching a cryptographic signature to eac… Continue reading Asqav: Open-source SDK for AI agent governance
Chaos, Go-based malware first documented by Lumen’s Black Lotus Labs, has historically targeted routers and edge devices. A new variant observed in March 2026 shows the malware operating against misconfigured Linux cloud servers, a category of in… Continue reading Chaos malware expands from routers to Linux cloud servers
In this Help Net Security interview, Kumar Ravi is the Chief Security & Resilience Officer at TMF Group, argues that over-privileged access and weak workflow controls pose more danger than ransomware attacks, precisely because they accumulate quie… Continue reading What managing partners should ask AI vendors before signing any contract
Wireless network operators are preparing for a generation of infrastructure where AI is built into the architecture from the start. Sixth-generation networks, expected to reach commercial development over the coming decade, are being designed with AI a… Continue reading 6G network design puts AI at the center of spectrum, routing, and fault management
Cloudflare announced it is targeting 2029 to complete post-quantum security across its entire product suite, including post-quantum authentication. The company is following a revised roadmap that Google also adopted after announcing that it had improve… Continue reading Cloudflare moves up its post-quantum deadline as researchers narrow the path to Q-Day
In this Help Net Security interview, Alec Summers, MITRE CVE/CWE Project Lead, discusses how CWE is moving from a background reference into active use in vulnerability disclosure. More CVE records now include CWE mappings from CNAs, which tends to prod… Continue reading The case for fixing CWE weakness patterns instead of patching one bug at a time
In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A processes, and how trust is bui… Continue reading Trust, friction, and ROI: A CISO’s take on making security work for the business