Category: Help Net Security

In this Help Net Security interview, Benjamin Schilz, CEO of Wire, discusses Europe’s push for digital sovereignty through initiatives like Gaia-X and the EU AI Act. As the continent redefines its technological future, the focus shifts from regulation to building…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from Akeyless, Bitdefender, Malwarebytes, ManageEngine, PlexTrac, and Seemplicity. PlexTrac Workflow Automation Engine enhancements accelerate time to remediation PlexTrac launched enhanced Workflow Automation Engine, a major product…

Read more →

It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services organizations in EMEA still feel unprepared. An overwhelming 96% of respondents said their current…

Read more →

One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers…

Read more →

Intel 471 launched Guided Threat Hunts, a new method-driven tool within the Hunt Management Module, part of our HUNTER solution. As threat hunting for advanced adversaries continues to be an increasingly complex, time-consuming and resource-heavy process, Intel 471 is empowering…

Read more →

The annual CISO New York summit will be held on September 9, 2025, uniting over 150 senior cybersecurity executives for a full day of insight, strategy, and collaboration at Convene, 601 Lexington Avenue. This highly curated summit is tailored for…

Read more →

Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being actively exploited in the wild,”…

Read more →

Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be exploited with little technical skill.…

Read more →

Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast Security. These attacks target the custom code, APIs, and logic that power applications, often slipping past detection…

Read more →

In this Help Net Security interview, Aleksandar Stančin, Board Member Adriatics, Exclusive Networks, discusses the state of cybersecurity in the Adriatic region. He talks about how local markets often lag behind EU regulations, despite facing threats comparable to those in…

Read more →

The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024. The ITRC could track a record number of compromises in 2025 if the current data…

Read more →

With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an…

Read more →

The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed a long-running investigation led by the French Police and Paris Prosecutor, in close cooperation with…

Read more →

Bitdefender expanded support for Facebook and Instagram for Bitdefender Security for Creators, a dedicated cybersecurity solution for digital content creators, social media influencers, and online creatives. With this expansion, the service delivers powerful, multi-platform protection across YouTube, Instagram, and Facebook,…

Read more →

PlexTrac launched enhanced Workflow Automation Engine, a major product update designed to standardize workflows across the vulnerability lifecycle, automate pentest findings delivery, accelerate time to remediation, and increase operational efficiency. By leveraging the unified security data already centralized in PlexTrac,…

Read more →

One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) –…

Read more →

A new phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a site used by educational institutions and vendors to manage grants and federal education funding. Threat researchers at BforeAI uncovered a cluster of lookalike domains…

Read more →

ManageEngine announced identity risk exposure management and local user MFA features in AD360, its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure unmanaged local accounts, two common identity attack…

Read more →

Akeyless launched NHI Federation, a solution that delivers Single Sign-On (SSO) for machines. As organizations increasingly operate workloads across on-premises and multi-cloud environments, platform and security teams face growing challenges in enabling secure and seamless access across these diverse ecosystems.…

Read more →

Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time…

Read more →