Tag: Help Net Security

SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the…

Read more →

Teleport released AI Session Summaries, a new capability in Teleport Identity Security that enables customers to summarize insights from thousands of hours of session recordings in minutes. Teleport generates session recordings of SSH, Kubernetes, and database access events, capturing a…

Read more →

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE-2025-59689 CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from…

Read more →

A cross-border cryptocurrency scam has left investors across Europe with losses of more than €100 million. Authorities in several countries worked together to shut down the operation and arrest those behind it. How the scheme worked The fraudsters ran what…

Read more →

OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images has been…

Read more →

Sentry released the beta of AI code review, an AI-powered solution that identifies and fixes code issues before they reach production. Following its acquisitions of Codecov (2022) and Emerge Tools (2025), AI code review marks a step in Sentry’s expansion…

Read more →

Proofpoint announced four innovations designed to secure the agentic workspace, where people and AI agents collaborate side by side. Proofpoint’s new collaboration and data security capabilities address the risks of the agentic workspace by solving four challenges: protecting AI assistants…

Read more →

Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift shows how attackers…

Read more →

In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems,…

Read more →

Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other confidential data. The tool…

Read more →

In this Help Net Security video, David Hardoon, Global Head of AI Enablement at Standard Chartered, discusses the role of ethics and safety in AI development. He explains why principles like fairness, accountability, and transparency must be built into AI…

Read more →

Software powers almost every part of business, which means attackers have more chances than ever to exploit insecure code. A new report from CMD+CTRL Security looks at how teams are building their defenses through cyber range training. Based on more…

Read more →

Attackers are constantly finding ways to take over accounts and push malicious packages to the npm registry, the (GitHub-operated) online repository for JavaScript and Node.js packages. But in this month alone, we witnessed the compromise of popular code packages after…

Read more →

Progress Software has released Flowmon ADS 12.5, an anomaly detection system set up to help organizations accelerate threat detection and provide visibility into network activity using AI-driven capabilities. Security teams are dealing with growing challenges, including rising network traffic, alert…

Read more →

The U.S. Secret Service has broken up a network of electronic devices spread across the New York tristate area that officials say posed an imminent threat to national security. The devices were being used to launch telecommunications attacks and to…

Read more →

Obsidian Security has launched a SaaS AI agent defense, providing enterprises with a purpose-built solution to govern how AI agents access data in SaaS environments. With SaaS now one of the most targeted layers of the enterprise stack, Obsidian is…

Read more →

Dragos released Dragos Platform 3.0, providing capabilities that enable industrial defenders to act faster and more confidently against intensifying cyber threats. The Dragos Platform’s new Insights Hub consolidates risk-based vulnerability, asset, and threat alerts into a single prioritized view, while…

Read more →

SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The campaign…

Read more →

Outpost24 launched new pen test reporting, giving customers a consolidated view of all penetration testing results within a single platform. This eliminates the need to manage multiple reports from different sources, saving time and improving operational efficiency. Security teams can…

Read more →

Blackdot Solutions unveiled Videris Automate, a platform that delivers new AI capabilities to automate investigations and screening processes. The launch marks a step-change in how organizations can detect risks, uncover hidden connections, and accelerate decision-making at scale. Videris Automate helps…

Read more →