.png)
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
40 open-source tools redefining how security teams secure the stack
Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations and understanding how new technologies change threat exposure.
AI agents break rules in unexpected ways
AI agents are starting to take on tasks that used to be handled by people. These systems plan steps, call tools, and carry out actions without a person approving every move. This shift is raising questions for security leaders. A new research paper offers one of the first attempts to measure how well these agents stay inside guardrails when users try to push them off course.
AI-driven threats are heading straight for the factory floor
In this Help Net Security interview, Natalia Oropeza, Chief Cybersecurity Officer at Siemens, discusses how industrial organizations are adapting to a shift in cyber risk driven by AI. She notes that in-house capability, especially for OT response and recovery, is becoming a priority. Oropeza also explains why collaboration and a different mindset are becoming as important as the technology.
LLMs are everywhere in your stack and every layer brings new risk
LLMs are moving deeper into enterprise products and workflows, and that shift is creating new pressure on security leaders. A new guide from DryRun Security outlines how these systems change long standing assumptions about data handling, application behavior, and internal boundaries. It is built around the OWASP Top 10 for LLM Applications, which the company uses as the structure for a full risk model and a reference architecture for teams building with LLMs.
The hidden dynamics shaping who produces influential cybersecurity research
Cybersecurity leaders spend much of their time watching how threats and tools change. A new study asks a different question, how has the research community itself changed over the past two decades. Researchers from the University of Southampton examined two long running conference communities, SOUPS and Financial Cryptography and Data Security, to see how teams form, who contributes, and which kinds of work gain attention.
Henkel CISO on the messy truth of monitoring factories built across decades
In this Help Net Security interview, Stefan Braun, CISO at Henkel, discusses how smart manufacturing environments introduce new cybersecurity risks. He explains where single points of failure hide, how attackers exploit legacy systems, and why monitoring must adapt to mixed-generation equipment. His insights show why resilience depends on visibility, autonomy, and disciplined vendor accountability.
December 2025 Patch Tuesday forecast: And it’s a wrap
It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, there is the large number of Microsoft products that have come to EOL/EOS near the end of this year. It seemed there was always a reason their products would get official extended support at the last minute, but this time, that didn’t happen – applications and operating systems alike came to an end.
The simple shift that turns threat intel from noise into real insight
In this Help Net Security video, Alankrit Chona, CTO at Simbian, explains how security teams can put threat intelligence to work in a way that supports detection, response, and hunting.
Password habits are changing, and the data shows how far we’ve come
In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based on leaked passwords from 2007 to 2025 and shows how strength levels rose as standards evolved and breach events pushed users to reset weak credentials.
How to tell if your password manager meets HIPAA expectations
Most healthcare organizations focus on encryption, network monitoring, and phishing prevention, although one simple source of risk still slips through the cracks. Password management continues to open doors for attackers more often than leaders expect. Weak, reused, or shared passwords often play a part in breaches that involve protected health information. The HIPAA Security Rule expects organizations to manage authentication with care, and password managers can help satisfy these expectations when they are chosen and deployed with the right controls.
NVIDIA research shows how agentic AI fails under attack
Enterprises are rushing to deploy agentic systems that plan, use tools, and make decisions with less human guidance than earlier AI models. This new class of systems also brings new kinds of risk that appear in the interactions between models, tools, data sources, and memory stores. A research team from NVIDIA and Lakera AI has released a safety and security framework that tries to map these risks and measure them inside real workflows.
New image signature can survive cropping, stop deepfakes from hijacking trust
Deepfake images can distort public debate, fuel harassment, or shift a news cycle before anyone checks the source. A new study from researchers at the University of Pisa examines one specific part of this problem. They introduced a way to keep image signatures intact even after cropping.
Building SOX compliance through smarter training and stronger password practices
A SOX audit can reveal uncomfortable truths about how a company handles access to financial systems. Even organizations that invest in strong infrastructure often discover that everyday password habits weaken the controls they thought were solid. CISOs know that passwords still sit at the center of most access decisions, and any weakness in how people create, store or share them can undermine internal control over financial reporting.
UTMStack: Open-source unified threat management platform
UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system. The project focuses on real time correlation of log data, threat intelligence, and malware activity patterns gathered from different sources. The goal is to help organizations identify and halt complex threats that rely on stealthy techniques.
LLM vulnerability patching skills remain limited
Security teams are wondering whether LLMs can help speed up patching. A new study tests that idea and shows where the tools hold up and where they fall short. The researchers tested LLMs from OpenAI, Meta, DeepSeek, and Mistral to see how well they could fix vulnerable Java functions in a single attempt.
LLM privacy policies keep getting longer, denser, and nearly impossible to decode
People expect privacy policies to explain what happens to their data. What users get instead is a growing wall of text that feels harder to read each year. In a new study, researchers reviewed privacy policies for LLMs and traced how they changed.
CISOs are spending big and still losing ground
Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding, and AI is reshaping both threats and defenses. Still, CISOs say the fundamentals of risk reduction are not improving fast enough.
Invisible IT is becoming the next workplace priority
IT leaders want their employees to work without running into digital hurdles, but many still struggle with fragmented systems that slow teams down. A new report from Lenovo sheds light on how widespread the problem has become and what organizations can do to reduce workplace friction.
The Bastion: Open-source access control for complex infrastructure
Operational teams know that access sprawl grows fast. Servers, virtual machines and network gear all need hands-on work and each new system adds more identities to manage. A bastion host tries to bring order to this problem. It acts as a single entry point for sysadmins and developers who connect to infrastructure through ssh. This model is old in theory, but The Bastion open-source project shows how far a purpose-built access layer can go.
Teamwork is failing in slow motion and security feels it
Security leaders often track threats in code, networks, and policies. But a quieter risk is taking shape in the everyday work of teams. Collaboration is getting harder even as AI use spreads across the enterprise. That tension creates openings for mistakes, shadow tools, and uncontrolled data flows. A recent Forrester study shows how this break in teamwork forms and how leaders can respond before it grows.
Uneven regulatory demands expose gaps in mobile security
Mobile networks carry a great deal of the world’s digital activity, which makes operators a frequent target for attacks. A study released by the GSMA shows that operators spend between $15 and $19 billion a year on core cybersecurity functions. Spending could reach more than $40 billion by 2030. These figures do not include expenses tied to resilience, training, or governance.
Ransomware keeps widening its reach
Ransomware keeps shifting into new territory, pulling in victims from sectors and regions that once saw fewer attacks. The latest Global Threat Briefing for H2 2025 from CyberCube shows incidents spreading in ways that make it harder for security leaders to predict where threats will rise next.
What 35 years of privacy law say about the state of data protection
Privacy laws have expanded around the world, and security leaders now work within a crowded field of requirements. New research shows that these laws provide stronger rights and duties, but the protections do not always translate into reductions in harm. The study looks at thirty five years of privacy history, from the rise of early data protection efforts to the current landscape of AI driven risk, cross border transfers, and uneven enforcement.
Download: Evaluating Password Monitoring Vendors
Organizations using Active Directory must update their password policies to block and detect compromised passwords. However, comparing vendors in this area can be challenging.
Product showcase: Tuta – secure, encrypted, private email
Tuta, formerly known as Tutanota, is built for anyone who wants email that stays private. Instead of treating encryption like a bonus feature, the service encrypts almost everything by default. That means your messages are locked down from the moment you hit send until they reach the other side.
Cybersecurity jobs available right now: December 9, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the week: December 12, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Apptega, Backslash Security, BigID, Black Kite, Bugcrowd, NinjaOne, Nudge Security, and Veza.
from Help Net Security https://ift.tt/7B5iNVZ
0 comments:
Post a Comment