We may earn a commission from links on this page.

There are a lot of excellent earbuds out there, but if you're in the Apple ecosystem, few options are better than AirPods. While Apple's earbuds offer fantastic audio quality in their own right, their real selling point is how well they work with the company's other products. If you have one device, like an iPhone, your AirPods will instantly pair with it when you pop them in your ears; if you have multiple devices, like a Mac or an iPad, your AirPods will automatically switch between them as you start different audio sources. If you have an Apple TV, you can quickly pair your AirPods with a button press on the remote and watch movies and shows without bothering anyone else in the house. For those of us in the ecosystem, AirPods are pretty great.

AirPods Pro 3

$229.00 at Amazon

$249.00 Save $20.00

$229.00 at Amazon

$249.00 Save $20.00

There is one major downside to AirPods, however, especially for Android users coming from a competitor's earbuds: settings and management. See, AirPods are ideal when you don't have to tinker with the defaults. Auto-pairing, auto-switching, Conversation Awareness: The automated settings make AirPods easy to use. But once you start thinking about changing the settings, things get a bit murky. Rather than a dedicated AirPods app to manage these defaults, Apple instead spreads out your AirPods' options throughout your device's OS. Take iOS, for instance: You can control a number of settings from the volume slider in Control Center, including noise cancellation, Conversation Awareness, and Spatial Audio. But you won't find other settings, especially any that have to do with customizing your AirPods. For that, you'll need to dive into the Settings app. When paired, your AirPods should appear towards the top of the page, but if not, you might need to jump into Bluetooth settings, then tap the (i) next to your AirPods. Here, you'll find all of the settings and features you can adjust on your AirPods, minus EQ. If you want to change that (at least for Apple Music), you'll need to find the Music app's settings page, then "EQ." In short, the whole experience is a bit of a mess.

iOS 27 may improve AirPods management

According to Bloomberg's Mark Gurman, Apple may be improving things with its upcoming iOS 27 update. Gurman says that Apple "has heard the feedback" about the lackluster experience of managing AirPods settings, and while the company isn't necessarily building a dedicated app, it is taking steps to update the AirPods settings menu.

The goal here is to make the menu "more functional, better organized, and more streamlined." Details are thin, but Gurman says the overhaul should make AirPods easier to work with, and users should be able to clearly see all the features their AirPods are capable of from this new menu. Perhaps this means a more permanent placement in the Settings app, as well as a reorganized settings menu, with clearly labeled categories and explanations for all features.

Personally, I think Apple should consider adding graphics and animations in this space. Some features are too complicated for a quick text blurb: People may need to see how things work in order to learn how to use those features themselves. One of my favorite AirPods Pro perks is Adaptive Transparency, which can lower the loudness of sounds without blocking them. Teaching users how to use this feature, and even how to adjust it to make it more or less sensitive, would be an excellent use of this settings redesign.

AirPods really need a dedicated app

While this could be a step in the right direction, AirPods are in desperate need of a dedicated app. Apple can make the new settings menu as clear and easy to follow as possible, but how many people are going to go digging through their Settings app to find these options? I think new AirPods users are much more likely to try an app on their iPhones called "AirPods," and learn about all the things their new earbuds can do for them—and how they can personalize the experience to their needs.

Plus, it's beyond time for Apple to offer some sophisticated EQ and tuning options, which would fit perfectly in an AirPods app. While the overall sound experience is great for most users, plenty of other earbuds come with these adjustments, which let users customize the sound experience to their liking. Apple's built-in EQ presets are far from adequate, since you can't actually customize each. If "Bass Booster" doesn't actually boost the bass enough for you, too bad. Apple doesn't love customers breaking out from its core design, but when it comes to AirPods, especially AirPods Pro, I think the company should relent.

Based on Bloomberg's reporting, it sounds like an AirPods app isn't coming anytime soon, so I should consider myself lucky I'm getting improved AirPods settings at all with iOS 27. But if Apple wants to seriously update the AirPods management experience, I hope they consider a dedicated app for iOS 28—or even a future version of iOS 27.

from Lifehacker https://ift.tt/9oyO2wN

Application Security Engineer

IG Group | India | Hybrid – View job details

As an Application Security Engineer, you will assess the security of web, mobile, and cloud applications through penetration testing, secure code reviews, threat modeling, and architecture reviews. Responsibilities also include integrating security into CI/CD pipelines, managing vulnerability remediation, supporting purple team activities, training developers on secure coding practices, and assisting with application security incident response.

CISO

LianLian | Austria | Hybrid – View job details

As a CISO, you will lead cybersecurity governance, regulatory compliance, and operational resilience efforts, including DORA and MiCA requirements. Responsibilities include overseeing security monitoring, incident response, resilience testing, business continuity, and digital asset security, including wallet, key, and third-party custody controls.

Get weekly updates on new cybersecurity job openings. Subscribe here!

Cyber Security Engineer

MetaComp | Singapore | On-site – View job details

As a Cyber Security Engineer, you will strengthen identity, endpoint, application, and cloud security through SSO, MFA, MDM, DevSecOps, and secrets management initiatives. Responsibilities also include improving threat detection and hunting capabilities, supporting purple team activities, building security automation, and maintaining security controls and compliance standards.

Fraud Investigations & Digital Forensics Manager

ADIB | UAE | On-site – View job details

As a Fraud Investigations & Digital Forensics Manager, you will lead and support fraud investigations and digital forensic activities, including investigating suspected fraud cases, identifying root causes, documenting findings, and recommending remediation actions. Responsibilities include conducting IT and digital forensic investigations, using data analytics to support investigations, maintaining investigation procedures, and coordinating with internal stakeholders to gather information and address control gaps.

GRC Manager

Sigma | USA | On-site – View job details

As a GRC Manager, you will lead governance, risk, and compliance programs by developing policies, oversight frameworks, and reporting processes aligned with business objectives. You will manage enterprise risk activities, including risk assessments, business continuity planning, disaster recovery, and third-party risk management.

Red Team Operator

Swift | USA | Hybrid – View job details

As a Red Team Operator, you will execute adversary simulations and penetration tests across enterprise, cloud, and hybrid environments. Responsibilities include supporting the full attack lifecycle, managing red team infrastructure, developing custom tooling, researching evasion techniques, and aligning operations with frameworks such as MITRE ATT&CK and TIBER.

Senior Cyber Security Engineer / CSET Team

Scientific Research Corporation | USA | On-site – View job details

As a Senior Cyber Security Engineer / CSET Team, you will support offensive security and red team operations by conducting adversarial emulation exercises using real-world tactics, techniques, and procedures (TTPs). Responsibilities include executing red team engagements from planning through reporting, performing security assessments, and providing security engineering guidance and risk reduction recommendations.

Senior Embedded Security Engineer

Cellebrite | Israel | Hybrid – View job details

As a Senior Embedded Security Engineer, you will develop and maintain custom Linux images and Board Support Package (BSP) components for embedded platforms used in digital forensics and law enforcement environments. Responsibilities include improving platform security, identifying and mitigating vulnerabilities, and working with research teams to address security challenges in mobile devices.

Senior Information Security Analyst

TreviPay | USA | Hybrid – View job details

As a Senior Information Security Analyst, you will monitor and investigate security alerts from tools such as SIEM, EDR, IDS/IPS, and CSPM platforms, validate incidents, and support or lead response activities including containment, remediation, and recovery. Responsibilities include developing detection logic and response playbooks, maintaining security tools and platforms, and working with IT and engineering teams to strengthen security controls and address vulnerabilities.

Senior Network Security Engineer

Perma Technologies | USA | On-site – View job details

As a Senior Network Security Engineer, you will manage and secure enterprise network environments with a focus on Palo Alto and Fortinet platforms. Responsibilities include configuring and maintaining firewalls and VPNs, troubleshooting complex network and security issues, improving security policies and automation, monitoring security events, and supporting assessments and compliance efforts.

Senior Penetration Tester

BreachLock | USA | Remote – View job details

As a Senior Penetration Tester, you will perform web application, API, and mobile security assessments with a focus on manual testing techniques, including business logic flaws, authentication weaknesses, authorization issues, and complex attack paths. Responsibilities also include internal and external network assessments and assumed breach engagements involving Active Directory enumeration, lateral movement, privilege escalation, and post-exploitation activities.

Senior Security Consultant (Android Malware Reverse Engineering)

NetSPI | United Kingdom | Remote – View job details

As a Senior Security Consultant focused on Android malware reverse engineering, you will analyze and reverse engineer Android applications, deliver findings to clients, and help develop remediation strategies to improve security posture. Responsibilities include researching new reverse engineering techniques and tools, contributing to service development and thought leadership initiatives, supporting pre-sales activities, and providing technical guidance to internal teams.

Senior Security Engineer

PheedLoop | Canada | On-site – View job details

As a Senior Security Engineer, you will lead internal red team activities and security testing across applications, infrastructure, and users to identify weaknesses and drive remediation. Responsibilities include conducting attack simulations, strengthening software supply chain security, improving endpoint security, leading incident response and threat hunting efforts, and developing security processes and playbooks.

Systems Cybersecurity Test Engineer

Chipright | Ireland | On-site – View job details

As a Systems Cybersecurity Test Engineer, you will design and execute cybersecurity-focused test strategies to validate both functional and security requirements across complex systems. Responsibilities include threat modeling, risk assessments, penetration and fuzz testing, attack analysis, and working with cross-functional teams to strengthen product security and support test automation efforts.

Threat Hunter

Nebulock | USA | Remote – View job details

As a Threat Hunter, you will conduct structured threat hunts across endpoint, identity, and log telemetry to identify post-compromise activity, lateral movement, and insider threats. You will develop hunt hypotheses, refine detection methods, and work with design partners to validate findings and improve detection coverage.

from Help Net Security https://ift.tt/vgS9OwW

AI tools are becoming part of everyday work in organizations, creating new security and oversight requirements as usage grows. To address that, Anthropic introduced 28 integrations with security and compliance tools that allow IT and security teams to manage Claude in the same way they manage other applications in their environments.

The integrations are powered by the Claude Compliance API, which gives enterprise teams programmatic access to two types of data.

The first category involves conversation content from Claude Enterprise, consisting of chats, uploaded files, and projects. Organizations can use this information to apply existing security, monitoring, and data loss prevention (DLP) policies.

The second category focuses on activity events from Claude Enterprise and the Claude Platform. These records include user logins, administrative actions, and configuration changes, providing visibility into usage throughout an organization.

“Anthropic’s Compliance API is a REST API that gives enterprise IT and security teams programmatic access to Claude activity data. Rather than relying on manual exports and periodic reviews, organizations can use the Claude Compliance API for real-time programmatic access to Claude usage data and customer content, enabling them to build continuous monitoring and automated policy enforcement systems,” Netskope stated.

The integrations are available through 28 providers spanning DLP, SASE, data security, SIEM, security operations, identity management, eDiscovery, AI security posture management, and observability tools.

New integrations include Cloudflare, Cribl, CrowdStrike, Cyera, Datadog, Forcepoint, Fortinet, Geordie AI, IBM Guardium, Microsoft Purview, Mimecast, Netskope, Okta, Palo Alto Networks, Proofpoint, Relativity, ReliaQuest, Rubrik, SailPoint, Smarsh, Snyk, Sumo Logic, Tenable, Theta Lake, Trellix, Varonis, Wiz, and Zscaler.

“For organizations already using one of these security and compliance platforms, enabling coverage over your Claude usage is straightforward: connect and configure your Claude instance, and the data flows into the same dashboards and alerting workflows you use for everything else,” Anthropic said.

from Help Net Security https://ift.tt/MrckjVH

Security teams already struggle with long lists of vulnerabilities and limited time to patch them. Cisco believes AI could increase that pressure by accelerating vulnerability discovery and increasing the number of findings security teams need to review.

The company said it is moving further toward a risk-based disclosure approach, placing greater attention on issues under active exploitation or those considered more likely to be used in attacks.

“Cisco is actively leveraging advanced AI Models to accelerate finding vulnerabilities and driving remediation. Deploying these models into our security processes allows us to find and fix vulnerabilities at a pace previously unattainable,” said Russ Smoak, VP Information Security at Cisco.

Smoak also warned that defenders will not be the only ones using these tools. “At the same time, we recognize that adversaries will also take advantage of these evolving AI capabilities, increasing the urgency and complexity of cybersecurity defense,” Smoak added.

The approach also changes how lower-risk findings are disclosed. Cisco said some internally discovered issues that would previously have received standalone advisories may no longer be published separately.

Instead, the company plans to provide higher-level information about software releases containing security patches and direct customers to security-hardened versions. Additional details describing software changes made to address findings may be published after the initial release.

Detailed disclosures will continue for issues considered critical, findings under active exploitation, and vulnerabilities viewed as more likely to be exploited. Cisco added that its handling of third-party and open-source vulnerabilities will remain unchanged.

“Cisco will use our voice in the vulnerability disclosure space with the intent of driving pragmatic changes that help the industry align and scale to this expected increase in volume,” Smoak concluded.

from Help Net Security https://ift.tt/am2t9QM

Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new MIT-licensed project from the Dutch security firm Hadrian, called OpenHack, packages that approach into a file-based workspace that any of those harnesses can run.

OpenHack is a set of agents and tools that mimics how Hadrian’s research team performs automated vulnerability research. The workflow runs inside a coding harness or a custom runner, with durable state kept in plain files such as cloned source, recon items, scenario prompts, scenario results, finding candidates, triage decisions, findings, and logs. The harness supplies model execution, terminal access, repository access, and human-in-the-loop approval.

“We’ve been working on this for some time, but our discovery of critical vulnerabilities made it concrete. OpenHack’s effectiveness proves that security teams don’t need Mythos to find critical vulnerabilities,” said Rogier Fischer, CEO of Hadrian.

Checkpointed, scenario-first review

The operating model is built around a state machine over files. A command advances the run to the next durable state, an agent answers the prompt for that state, and a recorder command validates the answer before materializing new work. A human operator approves every phase transition, including expert scope before reconnaissance, scenario routing after recon, the scenario backlog after the router answers, and the finding-triage backlog after candidate creation.

The durable chain runs from recon item to routing unit, scenario, scenario result, finding candidate, and triage decision. Recon agents discover review surfaces such as routes, sinks, auth boundaries, upload paths, parser entrypoints, manifests, and admin areas. A scenario-router agent turns those surfaces into scoped scenarios. Expert agents then prove or reject each scenario, and an independent triage agent decides which verified candidates become final findings.

Twelve expert families aligned to OWASP and MITRE

The current registry defines 12 expert families as Markdown manifests, each declaring its id, category, ownership, standards, and routing signals. The set covers OWASP Top 10:2025 categories including Broken Access Control, Security Misconfiguration, Software Supply Chain Failures, Cryptographic Failures, Injection, Insecure Design, Authentication Failures, and Software or Data Integrity Failures. Additional families cover CWE-119 memory buffer errors, CWE-200 sensitive information exposure, CWE-22 and CWE-434 path traversal and unrestricted upload, and API4:2023 unrestricted resource consumption. SSRF is folded into Broken Access Control, matching the OWASP 2025 mapping of CWE-918 to A01:2025.

Optional enrichment with bundled Semgrep rules is available during the recon phase. Semgrep hits are treated as hints, with verified vulnerabilities required to come through the recorded scenario and triage chain.

OpenHack is available for free on GitHub.

Must read:

Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!

from Help Net Security https://ift.tt/1ERi6Uy

Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, according to TrustedTech’s Shadow AI in the Workplace report. The study found that 65% of decision-makers use shadow AI, compared with 31% of employees below decision-maker level.

Net Shadow AI use (Source: TrustedTech)

The data suggests that shadow AI is not mainly driven by junior employees experimenting with consumer tools. The people creating policies and overseeing teams appear to be some of the most active users of unapproved AI systems.

Employees continue using AI because they see practical value in it. Around 70% of respondents said AI tools have improved team performance, and more than half reported saving at least three hours a week through AI use.

Most respondents said they understand the risks associated with unapproved AI tools, including security and data privacy concerns. Employees continue using them because approved alternatives do not meet their needs or because organizations have not provided suitable options.

Around 14% of employees said they use AI tools at work without knowing whether those tools are approved by their employer. The number exceeds the share of respondents who said they never use AI at work.

“Organizations have been trying to control employee behavior, but what this data shows is that leadership teams are moving faster than the policies designed to guide them. When executives are using unapproved tools to move quickly, it creates a ripple effect across the entire organization,” said Julian Hamood, Founder of TrustedTech.

Senior employees are driving shadow AI use

Decision-makers were more likely than other employees to believe their organization monitors AI use. Some may avoid approved platforms because they do not want their activity tracked or connected to their name. For employees whose professional reputation depends on appearing knowledgeable and capable, visible AI usage can create concerns about how they are perceived.

The research showed differences between the US and UK. US employees reported slightly higher shadow AI usage, with more intensive use among workers who rely on these tools regularly. The study noted that US organizations often combine formal AI programs with informal workarounds inside the same workplace.

Workers are learning AI on their own

Differences in AI confidence and training exist between senior employees and the rest of the workforce. Nearly 78% of decision-makers said they felt confident using AI tools in their role, compared with 43% of employees below decision-maker level.

Self-learning was the most common source of AI knowledge, with workers relying on videos, blogs, and online resources more often than formal employer training. Employees below decision-maker level relied more on self-learning, while senior employees were more likely to receive structured training.

Around 44% of respondents believe their organization lacks training on how to use AI safely and securely.

Bans may not stop AI use

Restrictions alone may not prevent shadow AI use. Nearly one-third of employees said they would continue using AI tools even if workplace rules prohibited them and disciplinary action was possible.

Employees said they would likely turn to personal AI tools if organizations limited access because of higher software costs.

Download: The IT and security field guide to AI adoption

from Help Net Security https://ift.tt/8jvmAop

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise.

Earbud sensors can authenticate users by their heartbeat, study finds
Researchers built a continuous authentication system called AccLock that identifies a wearer by the tiny vibrations a heartbeat makes inside the ear canal.

Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)
A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on Saturday.

Communicating cyber risk in dollars boards understand
In this Help Net Security interview, Nick Nieuwenhuis, Cybersecurity Architect at Nedscaper, explains why cybersecurity has not delivered the resilience that decades of investment have promised.

Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
Microsoft is working on a fix for CVE-2026-45585 (aka “Yellowkey”), a vulnerability that can be used by attackers to bypass protections offered by BitLocker, the full-disk encryption feature built into Windows, and access users’ data.

Why AI changed the threat model for travel technology
In this Help Net Security interview, Devon Bryan, SVP, Global CSO at Booking Holdings, reflects on his path from Air Force network security engineer to global CSO across financial services, hospitality, and travel technology.

Deleted Google API keys keep working for up to 23 minutes, researchers warn
Google API keys are credentials that let applications access Google services, from Maps to the Gemini AI. If a key is leaked, an attacker can use it to make API calls, rack up charges, and, if Gemini is enabled, access uploaded files and cached conversations. The assumed fix is simple: delete the key. But Aikido Security has found that deletion doesn’t actually work right away.

Microsoft open-sources tools for designing and testing AI agents
Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework.

AI red teaming agents change how LLMs get tested
Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton Key sit alongside hundreds of prompt transforms and scoring methods across open-source frameworks including Microsoft’s PyRIT, NVIDIA’s Garak, and Promptfoo.

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs.

Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog.

Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach Investigations Report.

PureLogs infostealer is stealing credentials worldwide
A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered.

New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
A SHub macOS infostealer variant called Reaper impersonates Apple, Microsoft, and Google to trick users into executing malicious code, then targets browser data, password managers, and cryptocurrency wallets while establishing persistence for continued access, SentinelOne found.

AI is drowning software maintainers in junk security reports
AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise instead of fixing real problems.

Attackers accessed, downloaded code from Grafana Labs’ GitHub
A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday.

The end of unencrypted Discord calls is here
Discord has protected voice and video calls in DMs, group DMs, voice channels, and Go Live streams with end-to-end encryption (E2EE) by default.

The AI backdoor your security stack is not built to see
Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious tokens, filter unusual characters, watch for prompt injection patterns. New research from Microsoft and the Institute of Science Tokyo demonstrates that this defensive posture has a blind spot, and the cost of that blind spot could be measured in leaked proprietary data and regulatory exposure.

When ransomware hits, confidence doesn’t restore endpoints
Ransomware, supply chain vulnerabilities, insider threats, compliance failures, and software disruptions remain major concerns for security leaders, according to The Ransomware Reality: Zero Days to Recover report by Absolute Security.

AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State of Vulnerabilities Report.

Most dark web activity revolves around a handful of topics
A six-year dataset covering more than 25,000 dark web sites tracked what people discussed in underground forums and marketplaces and how those discussions changed over time.

Public Instagram posts provide raw material for AI phishing campaigns
A handful of public Instagram posts can give attackers enough material to generate convincing phishing emails with GenAI. Research from the University of Texas at Arlington and Louisiana State University showed how public social media activity can be turned into phishing messages that appear personal and credible to human recipients.

CVE Lite CLI: Open-source dependency vulnerability scanner
Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration runs, and a security scanner returns a list of CVE identifiers that developers then have to triage hours or days after writing the code. CVE Lite CLI, now an officially recognized OWASP Incubator Project, moves that check to the developer’s terminal.

What happens when your identity provider becomes the kill chain
In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in behind you.

7 hard truths security pros should know: 2026 DevOps Threats Report
In 2025, trusted Git hosting platforms became a playground for cyber criminals. This is the main conclusion from the latest “DevOps Threat Unwrapped Report 2026” by GitProtect.

Product showcase: Bitdefender Mobile Security for iOS protects privacy where scams begin
Bitdefender Mobile Security for iOS is a security and privacy application for iPhone and iPad that helps protect against phishing attempts, online scams, unsafe websites, and account exposure.

Cybersecurity jobs available right now: May 19, 2026
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

New infosec products of the week: May 22, 2026
Here’s a look at the most interesting products from the past week, featuring releases from ASAPP, Babel Street, CTERA, Forward, Riverbed, and Trust3 AI.

from Help Net Security https://ift.tt/jG1lB7C