Tag: Help Net Security

Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated…

Read more →

ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses on stealing cryptocurrency. It targets freelance developers working on Windows, Linux, and macOS systems. A…

Read more →

Secure Code Warrior has launched a beta program to expand the AI capabilities of its Trust Agent product. The new offering provides CISOs with security traceability, visibility, and governance over developers’ use of AI coding tools. This upgrade, collectively referred…

Read more →

Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway. New research suggests that predicting DDoS attacks in advance may be possible, giving…

Read more →

Authorities around the world have recovered $439 million from criminals following a months-long operation led by INTERPOL. The effort, called HAECHI VI, ran from April through August 2025 and involved police in 40 countries and territories working together to track…

Read more →

Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk processes only look at the vendor’s overall security, not the app itself.…

Read more →

Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological capabilities, we need to be aware of the risks they bring. Drones as a new attack vector…

Read more →

Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating serious problems for security teams. The findings show how generative AI tools like Microsoft Copilot…

Read more →

Enterprise security teams are underprepared to detect new, adaptive AI-powered threats. The study, published by Lenovo, surveyed 600 IT leaders across major markets and shows widespread concern about external and internal risks, along with low confidence in current defenses. External…

Read more →

SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the…

Read more →

Teleport released AI Session Summaries, a new capability in Teleport Identity Security that enables customers to summarize insights from thousands of hours of session recordings in minutes. Teleport generates session recordings of SSH, Kubernetes, and database access events, capturing a…

Read more →

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE-2025-59689 CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from…

Read more →

A cross-border cryptocurrency scam has left investors across Europe with losses of more than €100 million. Authorities in several countries worked together to shut down the operation and arrest those behind it. How the scheme worked The fraudsters ran what…

Read more →

OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images has been…

Read more →

Sentry released the beta of AI code review, an AI-powered solution that identifies and fixes code issues before they reach production. Following its acquisitions of Codecov (2022) and Emerge Tools (2025), AI code review marks a step in Sentry’s expansion…

Read more →

Proofpoint announced four innovations designed to secure the agentic workspace, where people and AI agents collaborate side by side. Proofpoint’s new collaboration and data security capabilities address the risks of the agentic workspace by solving four challenges: protecting AI assistants…

Read more →

Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift shows how attackers…

Read more →

In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems,…

Read more →

Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other confidential data. The tool…

Read more →

In this Help Net Security video, David Hardoon, Global Head of AI Enablement at Standard Chartered, discusses the role of ethics and safety in AI development. He explains why principles like fairness, accountability, and transparency must be built into AI…

Read more →