Category: Help Net Security

Trellix announced advancements to Trellix DLP Endpoint Complete, available globally in Q2 2025. New offerings and features incorporate intelligent capabilities to enhance Trellix’s data loss prevention (DLP) solutions, enabling customers to protect sensitive information in non-text file formats, strengthen compliance…

Read more →

The mobile threat landscape has shifted. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. For enterprises, mobile is no longer a secondary risk. It’s now one of the primary attack surfaces. CVE…

Read more →

Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, Villain enhances these shells with added functionality, offering commands and utilities, and allowing for shell sessions sharing across…

Read more →

Adversaries are infiltrating upstream software, hardware, and vendor relationships to quietly compromise downstream targets. Whether it’s a malicious update injected into a CI/CD pipeline, a rogue dependency hidden in open-source code, or tampered hardware components, these attacks bypass traditional defenses…

Read more →

As AI brings about excitement and transformative potential, the report reveals that organizations are forging ahead with innovations despite increased security concerns, according to LevelBlue’s 2025 Futures Report. In fact, just 29% of executives surveyed say they are reluctant to…

Read more →

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up from 37%…

Read more →

Bitwarden launched Access Intelligence, a set of new capabilities that enables enterprises to proactively defend against internal credential risks and external phishing threats. Access Intelligence introduces two core functionalities: Risk Insights, which allows IT teams to identify, prioritize, and remediate…

Read more →

ExtraHop launched all-in-one sensor designed to unify network traffic collection that scales across a number of security use cases. This further advances ExtraHop’s vision to consolidate NDR, network performance monitoring (NPM), intrusion detection (IDS), and full packet forensics into an…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault (CVE-2025-3928), Active! Mail (CVE-2025-42599), and Broadcom Brocade (CVE-2025-1976) solutions. CISA’s KEV catalog is constantly updated and provides IT…

Read more →

The “cyber incident” that British multinational retailer Marks & Spencer has been struggling with for over a week is a ransomware attack, multiple sources have asserted. The Telegraph’s sources say ransomware was deployed by a unnamed criminal gang. Bleeping Computer’s…

Read more →

Huntress has unveiled its newly enhanced Managed Identity Threat Detection and Response (ITDR) solution, purpose-built to wreck hacker identity tradecraft, alongside new research on the growing threat of identity-based attacks and organizations’ ability to defend against them. Drawing insights from…

Read more →

Varonis announced always-on AI risk defense that continuously identifies data exposure in real time, flags violations, and automatically fixes issues before they can become data breaches. In organizations with poor data security posture, employees and AI agents are only one…

Read more →

Aqua Security has unveiled the next phase of its AI security strategy with the introduction of Secure AI, full lifecycle security from code to cloud to prompt. These new capabilities secure AI applications through the development process and into production,…

Read more →

Bugcrowd’s new service connects customers with a global network of vetted ethical hackers for a variety of red team engagements—fully managed through the Bugcrowd Platform. This release sets a new benchmark in the red team services market, enabling organizations to…

Read more →

Netwrix unveiled new solutions and capabilities across its 1Secure SaaS platform. Its new Data Security Posture Management (DSPM) solution identifies and eliminates data exposures within Microsoft 365 environments and will be available in May. Netwrix also announced new risk assessment…

Read more →

Arctic Wolf has introduced Cipher, an AI security assistant that provides customers with self-guided access to deeper security insights directly within the Arctic Wolf Aurora Platform. Cipher enhances investigations and alert comprehension by delivering instant answers, contextual enrichment, and actionable…

Read more →

Lumu released Lumu SecOps Platform, a fully integrated Security Operations (SecOps) platform that unifies threat detection, response, automation, compliance, and intelligence across the network, identities and endpoints—delivering full attack context and enabling security teams to autonomously detect and neutralize complex…

Read more →

Oasis Security launched Oasis NHI Provisioning, a capability that automates the creation, governance, and security of non-human identities (NHIs) from their inception. Built into the Oasis NHI Security Cloud, this solution addresses the critical challenges of fragmented processes, ungoverned sprawl,…

Read more →

I’ve never quite seen anything like this in my two decades of working in the Internet of Things (IoT) space. In just a few years, devices at home and work started including cameras to see and microphones to hear. Now,…

Read more →

Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But…

Read more →