Don’t miss

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

data theft, Don't miss, Hot stuff, Microsoft, News, SonicWall, trojan, VPN /

Trojanized SonicWall NetExtender app exfiltrates VPN credentials 2025-06-24 at 15:00 By Zeljka Zorz Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a lookalike site(s?). The trojanized SonicWall NetExtender installer SonicWall NetExtender is an SSL‑VPN client used by companies to give remote […]

React to this headline:

Loading spinner

Trojanized SonicWall NetExtender app exfiltrates VPN credentials Read More »

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)

Don't miss, Hot stuff, News, Trend Micro, vulnerability, Windows, WinRAR /

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) 2025-06-24 at 12:45 By Zeljka Zorz A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The vulnerability has been patched in WinRAR 7.12 beta 1, released on June 10, 2025, and users are advised

React to this headline:

Loading spinner

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) Read More »

Why work-life balance in cybersecurity must start with executive support

burnout, CISO, communication, cybersecurity, Don't miss, Features, Hot stuff, News, professional /

Why work-life balance in cybersecurity must start with executive support 2025-06-24 at 08:34 By Mirko Zorz In this Help Net Security interview, Stacy Wallace, CISO at Arizona Department of Revenue, talks about the realities of work-life balance in cybersecurity leadership. She shares how her team handles constant pressure, sets boundaries, and deals with stress. Wallace

React to this headline:

Loading spinner

Why work-life balance in cybersecurity must start with executive support Read More »

Reconmap: Open-source vulnerability assessment, pentesting management platform

Don't miss, GitHub, News, open source, reconnaissance, software /

Reconmap: Open-source vulnerability assessment, pentesting management platform 2025-06-24 at 08:03 By Help Net Security Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from start to finish. The platform simplifies tasks and makes it easier for teams to work together,

React to this headline:

Loading spinner

Reconmap: Open-source vulnerability assessment, pentesting management platform Read More »

Microsoft will start removing legacy drivers from Windows Update

Don't miss, drivers, Hot stuff, Microsoft, News, Windows /

Microsoft will start removing legacy drivers from Windows Update 2025-06-23 at 17:47 By Zeljka Zorz Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has announced. This is intended to be an ongoing process and Microsoft is planning to introduce

React to this headline:

Loading spinner

Microsoft will start removing legacy drivers from Windows Update Read More »

CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets

Blockaid, C/side, Cryptocurrency, Don't miss, Hot stuff, JavaScript, News, supply chain attacks /

CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets 2025-06-23 at 16:38 By Zeljka Zorz The CoinMarketCap and CoinTelegraph websites have been compromised over the weekend to serve clever phishing pop-ups to visitors, asking them to verify/connect their crypto wallets. The CoinMarketCap compromise CoinMarketCap (aka CMC) is a website popular with crypto investors as

React to this headline:

Loading spinner

CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets Read More »

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

Citrix, Don't miss, enterprise, Hot stuff, NetScaler, News, security update, vulnerability /

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) 2025-06-23 at 14:14 By Zeljka Zorz Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The vulnerabilities have been privately disclosed and there is no indication that they are under active exploitation. Nevertheless, the

React to this headline:

Loading spinner

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) Read More »

Stealthy backdoor found hiding in SOHO devices running Linux

Asus, backdoor, China, Cisco, CISO, cybercrime, D-Link, Don't miss, hardware, Linksys, Microsoft, News, router, Ruckus Networks, security cameras, SecurityScorecard, Synology /

Stealthy backdoor found hiding in SOHO devices running Linux 2025-06-23 at 11:02 By Mirko Zorz SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader shift in how China-Nexus threat actors are using Operational Relay Box (ORB) networks to

React to this headline:

Loading spinner

Stealthy backdoor found hiding in SOHO devices running Linux Read More »

How CISOs can justify security investments in financial terms

CBIZ, CISO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, News, risk, Risk Management, strategy /

How CISOs can justify security investments in financial terms 2025-06-23 at 09:06 By Mirko Zorz In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through different lenses. He also shows how framing cyber risk in business terms can strengthen investment cases and

React to this headline:

Loading spinner

How CISOs can justify security investments in financial terms Read More »

Quantum risk is already changing cybersecurity

CISO, cyber resilience, cyber risk, Cyber Threat Alliance, cybersecurity, Don't miss, Hot stuff, News, quantum computing, report, Risk Management /

Quantum risk is already changing cybersecurity 2025-06-23 at 08:18 By Mirko Zorz A new report from the Cyber Threat Alliance warns that the era of quantum risk is already underway, and security teams need to stop treating it like a problem for tomorrow. The report, Approaching Quantum Dawn: Closing the Cybersecurity Readiness Gap Before It’s

React to this headline:

Loading spinner

Quantum risk is already changing cybersecurity Read More »

Microsoft boosts default security of Windows 365 Cloud PCs

cloud computing, Don't miss, Hot stuff, hybrid workforce, Microsoft 365, News, remote working, virtualization, Windows /

Microsoft boosts default security of Windows 365 Cloud PCs 2025-06-20 at 15:05 By Zeljka Zorz Windows 365 Cloud PCs now come with new default settings aimed at preventing / minimizing data exfiltration and malicious exploits, Microsoft has announced. Windows 365 Cloud PCs are Azure (i.e., Windows 365 service)-hosted virtual Windows PCs the company offers as

React to this headline:

Loading spinner

Microsoft boosts default security of Windows 365 Cloud PCs Read More »

Strategies to secure long-life IoT devices

Artificial Intelligence, authentication, CISO, cybersecurity, Don't miss, Features, Hot stuff, IoT, network, News, Signify /

Strategies to secure long-life IoT devices 2025-06-20 at 09:07 By Mirko Zorz In this Help Net Security interview, Rob ter Linden, CISO at Signify, discusses priorities for CISOs working on IoT security, including the need for compliant infrastructure, easy device management, and preparing for future tech like quantum computing and AI. He also covers challenges

React to this headline:

Loading spinner

Strategies to secure long-life IoT devices Read More »

Why AI code assistants need a security reality check

Artificial Intelligence, code, cybersecurity, DevSecOps, Don't miss, Features, Hot stuff, News, Sonar /

Why AI code assistants need a security reality check 2025-06-19 at 09:02 By Mirko Zorz In this Help Net Security interview, Silviu Asandei, Security Specialist and Security Governance at Sonar, discusses how AI code assistants are transforming development workflows and impacting security. He explains how these tools can boost productivity but may also propagate vulnerabilities

React to this headline:

Loading spinner

Why AI code assistants need a security reality check Read More »

GPS tracker detection made easy with off-the-shelf hardware

451 Research, car, cyberstalking, Don't miss, hardware, Internet of Things, location tracking, News, Privacy, scanner, tracking /

GPS tracker detection made easy with off-the-shelf hardware 2025-06-19 at 08:33 By Mirko Zorz Cyberstalkers are increasingly turning to cheap GPS trackers to secretly monitor people in real time. These devices, which often cost less than $30 and run on 4G LTE networks, are small, easy to hide under a bumper or in a glovebox,

React to this headline:

Loading spinner

GPS tracker detection made easy with off-the-shelf hardware Read More »

91% noise: A look at what’s wrong with traditional SAST tools

Application Security, automation, cybersecurity, Don't miss, Ghost Security, News, report, scanning /

91% noise: A look at what’s wrong with traditional SAST tools 2025-06-19 at 07:32 By Mirko Zorz Traditional static application security testing (SAST) tools are falling short. That’s the key takeaway from a recent report that tested these tools against nearly 3,000 open-source code repositories. The results: more than 91% of flagged vulnerabilities were false

React to this headline:

Loading spinner

91% noise: A look at what’s wrong with traditional SAST tools Read More »

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, openSUSE, Qualys, Ubuntu, vulnerability /

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) 2025-06-18 at 14:49 By Zeljka Zorz Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable

React to this headline:

Loading spinner

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) Read More »

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security

containers, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Kubernetes, News, opinion, Rootly /

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security 2025-06-18 at 09:02 By Help Net Security As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-project Tetragon, combined with Software Bills of

React to this headline:

Loading spinner

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security Read More »

AI is changing cybersecurity roles, and entry-level jobs are at risk

Artificial Intelligence, automation, Cato Networks, cybersecurity, Don't miss, Exabeam, News, Perspective Intelligence, Wipro /

AI is changing cybersecurity roles, and entry-level jobs are at risk 2025-06-18 at 08:00 By Sinisa Markovic Will humans remain essential in cybersecurity, or is AI set to take over? According to Wipro, many CISOs are leveraging AI to improve threat detection and response times and to build enhanced incident response capabilities. What’s changing AI

React to this headline:

Loading spinner

AI is changing cybersecurity roles, and entry-level jobs are at risk Read More »

Scroll to Top