CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) warned on Wednesday. According to information received…
Tag: Help Net Security
Wireshark 4.6.0 brings major updates for packet analysis and decryption
If you’ve ever used Wireshark to dig into network traffic you know how vital even small upgrades can be. With version 4.6.0 the team behind the open-source network protocol analyzer has added a number of features that could change how…
NETSCOUT’s KlearSight Sensor delivers visibility into encrypted Kubernetes environments
NETSCOUT announced an innovation designed to meet organizations’ needs for observability within complex cloud environments. With the demands of large, multi-cluster Kubernetes deployments, organizations often face challenges related to visibility and blind spots across their environments. The Omnis KlearSight Sensor…
Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)
Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked over 250 exploitation attempts targeting multiple stores on Wednesday, and expects the attacks to continue at pace.…
AuditBoard expands AI compliance with FairNow acquisition and Accelerate launch
AuditBoard has reached a definitive agreement to acquire FairNow. The addition of FairNow enhances AuditBoard’s capabilities with intelligent, automated, step-by-step AI compliance guidance. As AI governance requirements expand globally, AuditBoard customers are now uniquely positioned to maintain compliance and mitigate…
Faster LLM tool routing comes with new security considerations
Large language models depend on outside tools to perform real-world tasks, but connecting them to those tools often slows them down or causes failures. A new study from the University of Hong Kong proposes a way to fix that. The…
How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector
ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activity targeted several European defense contractors, including firms deeply involved in drone and UAV development, which may point to…
Your wearable knows your heartbeat, but who else does?
Smartwatches, glucose sensors, and connected drug-monitoring devices are common in care programs. Remote monitoring helps detect changes early and supports personalized treatment and long-term condition management. They give clinicians valuable insight into patient health but also introduce new exposure points.…
The next cyber crisis may start in someone else’s supply chain
Organizations are getting better at some aspects of risk management but remain underprepared for the threats reshaping the business landscape, according to a new Riskonnect report. The findings show a growing gap between awareness and action as technology, politics, and…
Gartner predicts the technologies set to transform 2026
Gartner has unveiled its vision for the technologies that will define 2026, spotlighting the innovations and risks that business and IT leaders can’t afford to ignore. The research firm says organizations are entering a period of change, where AI, connectivity,…
Attackers target retailers’ gift card systems using cloud-only techniques
A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and…
Ivanti enhances its solutions portfolio to drive secure, scalable, and streamlined IT operations
Ivanti announced product enhancements across its solution pillars, empowering its customers to accelerate cloud adoption, strengthen security posture and streamline IT operations. A distributed workforce requires seamless and secure access to the applications, endpoints and data essential to every role. Ivanti’s…
Rubrik Agent Cloud speeds enterprise AI with built-in security and guardrails
Rubrik announced the launch of the Rubrik Agent Cloud to accelerate enterprise AI agent adoption while managing risk of AI deployments. AI transformation is now mandatory for most organizations. However, IT leaders are constrained because agentic AI has significant risks…
Attackers turn trusted OAuth apps into cloud backdoors
Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset…
Axoflow Security Data Layer unifies data pipeline, storage, and analytics for security teams
Axoflow has launched its Security Data Layer, extending its pipeline offering with multiple storage solutions. The Security Data Layer addresses challenges in log management, SIEM optimization, pipeline reliability, and data accessibility. In addition to a full-fledged security data pipeline that…
Elastic introduces Agent Builder to simplify AI agent development
Elastic released Agent Builder, a complete set of capabilities powered by Elasticsearch, that makes it easy for developers to build custom AI agents on company data—all within minutes. Agent Builder also provides an out-of-the-box conversational experience for exploring, analyzing, and…
Keycard emerges from stealth with identity and access solution for AI agents
Keycard emerged from stealth with its identity and access platform for AI agents that integrates with organizations’ existing user identity solutions. Keycard’s platform identifies AI agents, lets users assign task-based permissions and dynamically enforces policy while tracking all activity. With…
Life, death, and online identity: What happens to your online accounts after death?
The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital footprints, spanning countless online accounts, from email and social media to banking, investments,…
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained access control in their applications. At its core, OpenFGA enables teams to define who can…
For blind people, staying safe online means working around the tools designed to help
Blind and low-vision users face the same password challenges as everyone else, but the tools meant to make security easier often end up getting in the way. A study from the CISPA Helmholtz Center for Information Security and DePaul University…