Category: Help Net Security

CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December. “This type of vulnerability is a frequent attack…

Read more →

Red Hat has announced OpenShift 4.20, the latest version of its hybrid cloud application platform built on Kubernetes. Red Hat OpenShift 4.20 introduces capabilities for accelerating AI workloads, strengthening core platform security and enhancing virtualization strategies consistently from the datacenter,…

Read more →

Action1 announced new integrations that extend Microsoft Intune with advanced patching and vulnerability management. The enhancements close security and compliance gaps in Intune by adding comprehensive third-party application patching, risk-based vulnerability prioritization, and real-time visibility across Windows, macOS, and Linux.…

Read more →

Since its introduction in 2010, Germany’s national ID card with its built-in online identification feature has set a high standard for security. The next generation must now withstand potential quantum-computer attacks, covering both hardware and software, as each card will…

Read more →

GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest release, version 9.9, refines these tools with fixes and performance improvements. Several long-standing…

Read more →

Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday. CVE-2025-12480 exploitation and attack details Gladinet’s Triofox solution is used by medium…

Read more →

Firewalla has announced the release of MSP 2.9, the latest update to its Managed Security Portal (MSP). The update is now available to all MSP Early Access users. Firewalla MSP is a web-based platform designed for security and infosec professionals…

Read more →

Police use drones, body cameras, and license plate readers as part of their daily work. Supporters say these tools make communities safer. Critics see something different, a system that collects too much data and opens the door to abuse. When…

Read more →

In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler explains how organizations are…

Read more →

When a cyber attack hits a major bank or trading platform, attention usually turns to the institution. But new research suggests the real danger may lie elsewhere. BitSight researchers found that many of the technology providers serving the financial sector…

Read more →

Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and growing pressure from their boards. The pressures are so intense that many say…

Read more →

Academy Cyber Threat Intelligence Analyst Bridewell | United Kingdom | Hybrid – View job details As an Academy Cyber Threat Intelligence Analyst, you will manage OpenCTI data, triage and escalate attack surface monitoring alerts, and raise internal alerts for critical…

Read more →

Identity threats are escalating. Attackers increasingly exploit compromised credentials, often undetected by organizations, and use social engineering to gain access. Most companies lack visibility into service account activity and don’t have the tools to detect identity-led threats. New identity security…

Read more →

In this Help Net Security interview, Andrea Succi, Group CISO at Ferrari Group, discusses how cybersecurity is integrated into every aspect of the logistics industry. He explains why protecting data can be as critical as securing physical assets and how…

Read more →

Imagine walking into a secure building where the door unlocks the moment your hand hovers near it. No keycards, no PINs, no fingerprints. Instead, the system identifies you by the way your palm distorts the surrounding Wi-Fi signal. That is…

Read more →

Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws…

Read more →

In this Help Net Security video, Josh Harguess, CTO of Fire Mountain Labs, explains how to evaluate, deploy, and govern AI-driven security tools. He talks about the growing role of AI in security operations and the new kinds of risks…

Read more →

AI has become part of everyday software development, shaping how code is written and how fast products reach users. A new report from Cycode, The 2026 State of Product Security for the AI Era, explores how deeply AI now runs…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Securing real-time payments without slowing them down In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time…

Read more →

Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial…

Read more →