Category: EN

Shai-Hulud Worm – A Self Propagating Supply Chain Threat

Cybersecurity Worms, Steganography Attacks, Municipal Cyber Incidents and More… In this episode of Cybersecurity Today, host Jim Love delves into multiple cybersecurity threats affecting the tech landscape. He discusses the ‘Shai Hulud’ worm, which has infiltrated over 187 JavaScript libraries…

Read more →

Supply Chain Attack “Shai-Halud” Targets 477 NPM Packages

A major supply chain attack dubbed “Shai-Halud” has impacted the JavaScript ecosystem by targeting over 477 NPM packages, raising serious concerns among developers and organizations relying on software from the Node Package Manager (NPM) registry. This incident reveals both the…

Read more →

Apple backports fix for actively exploited CVE-2025-43300

Apple announced it has backported patches for a recently addressed actively exploited vulnerability tracked as CVE-2025-43300. Apple has backported security patches released to address an actively exploited vulnerability tracked as CVE-2025-43300. In August 2025, Apple addressed the actively exploited zero-day…

Read more →

How a fake ICS network can reveal real cyberattacks

Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial environment. Why traditional honeypots fall short Honeypots are systems designed to attract attackers…

Read more →

Wave of 40,000+ Cyberattacks Target API Environments

The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents a fundamental shift in how cybercriminals approach digital…

Read more →

Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware Researchers from Google and Swiss university ETH Zurich have found a new class of Rowhammer vulnerability that could allow attackers to access info stored in DDR5…

Read more →

Creating a compliance strategy that works across borders

In this Help Net Security interview, Marco Goldberg, Managing Director at EQS Group, discusses how compliance and regulation are evolving worldwide. He talks about how organizations can stay compliant with international rules while keeping their systems practical and user-friendly. Goldberg…

Read more →

Linux Kernel KSMBD Flaw Lets Remote Attackers Drain Server Resources

A critical vulnerability in the Linux kernel’s KSMBD implementation has been discovered that allows remote attackers to completely exhaust server connection resources through a simple denial-of-service attack. The flaw, tracked as CVE-2025-38501 and dubbed “KSMBDrain,” enables malicious actors to render…

Read more →

Bots vs. humans? Why intent is the game-changer

In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity teams. He explores how advanced AI agents and sophisticated bots blur the…

Read more →