Don’t miss

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)

Censys, Don't miss, exploit, Horizon3.ai, Hot stuff, News, PoC, SANS ISC, vulnerability /

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) 2025-05-06 at 16:19 By Zeljka Zorz A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2025-3248 […]

React to this headline:

Loading spinner

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) Read More »

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)

Arctic Wolf Networks, botnet, Don't miss, Hot stuff, News, PoC, Samsung, SANS ISC, vulnerability /

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) 2025-05-06 at 13:03 By Zeljka Zorz An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being leveraged by attackers. Exploit attempts have been flagged by the SANS Internet Storm Center and Arctic Wolf researchers:

React to this headline:

Loading spinner

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) Read More »

What a future without CVEs means for cyber defense

CVE, cybersecurity, Don't miss, Expert analysis, Expert corner, Hack The Box, Hot stuff, News, opinion, vulnerability management /

What a future without CVEs means for cyber defense 2025-05-06 at 11:31 By Help Net Security The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for cybersecurity professionals to understand and mitigate security flaws. By providing a standardized method

React to this headline:

Loading spinner

What a future without CVEs means for cyber defense Read More »

What it really takes to build a resilient cyber program

CISO, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, Nightwing, opinion, regulation, strategy, tips, vulnerability management /

What it really takes to build a resilient cyber program 2025-05-06 at 08:32 By Mirko Zorz In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page. Drawing on both

React to this headline:

Loading spinner

What it really takes to build a resilient cyber program Read More »

How cybercriminals exploit psychological triggers in social engineering attacks

Avast, cybercrime, cybersecurity, Don't miss, Fortra, News, Proofpoint, Reality Defender, Secure Yeti, social engineering, tips, Zscaler /

How cybercriminals exploit psychological triggers in social engineering attacks 2025-05-06 at 08:03 By Sinisa Markovic Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly what makes them so effective. These threats rely on psychological

React to this headline:

Loading spinner

How cybercriminals exploit psychological triggers in social engineering attacks Read More »

Key tips to stay safe from deepfake and AI threats

deepfakes, Don't miss, News, Polyguard, scams, strategy, threats, tips, Video /

Key tips to stay safe from deepfake and AI threats 2025-05-06 at 07:31 By Help Net Security In this Help Net Security video, Joshua McKenty, CEO of Polyguard, talks about how to protect yourself from deepfake and AI threats, which are getting harder to spot and easier to launch. Attackers can clone your voice or

React to this headline:

Loading spinner

Key tips to stay safe from deepfake and AI threats Read More »

UK retailers under cyber attack: Co-op member data compromised

CISA, Don't miss, Hot stuff, NCSC, News, Ransomware, Retail, social engineering, UK /

UK retailers under cyber attack: Co-op member data compromised 2025-05-05 at 15:17 By Zeljka Zorz UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same group is difficult to say for sure: the victimized businesses are sharing

React to this headline:

Loading spinner

UK retailers under cyber attack: Co-op member data compromised Read More »

How CISOs can talk cybersecurity so it makes sense to executives

boardroom, CISO, CXO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Optiv Security, security controls, security ROI, Splunk, strategy, Team8, tips /

How CISOs can talk cybersecurity so it makes sense to executives 2025-05-05 at 09:02 By Mirko Zorz CISOs know cyber risk is business risk. Boards don’t always see it that way.​ For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing

React to this headline:

Loading spinner

How CISOs can talk cybersecurity so it makes sense to executives Read More »

How OSINT supports financial crime investigations

Blackdot Solutions, crime, cybersecurity, data, Don't miss, Features, financial industry, Hot stuff, News, opinion, OSINT, regulation /

How OSINT supports financial crime investigations 2025-05-05 at 08:31 By Mirko Zorz In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime. He outlines its application in areas such as fraud, sanctions evasion, and money laundering, and addresses the legal, ethical,

React to this headline:

Loading spinner

How OSINT supports financial crime investigations Read More »

Review: Effective Vulnerability Management

Aquia, books, Don't miss, News, Reviews, skill development, strategy, tips, vulnerability management /

Review: Effective Vulnerability Management 2025-05-05 at 08:03 By Mirko Zorz Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the authors Chris Hughes is the President of Aquia, a cybersecurity leader with 20 years of public and private sector experience,

React to this headline:

Loading spinner

Review: Effective Vulnerability Management Read More »

Vuls: Open-source agentless vulnerability scanner

Don't miss, GitHub, News, open source, scanning, software /

Vuls: Open-source agentless vulnerability scanner 2025-05-05 at 07:33 By Help Net Security Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers secure. Many administrators choose not to use automatic software updates because they want to avoid

React to this headline:

Loading spinner

Vuls: Open-source agentless vulnerability scanner Read More »

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)

CISA, Don't miss, exploit, Hot stuff, News, PoC, SMBs, SonicWall, vulnerability, WatchTowr /

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) 2025-05-02 at 16:18 By Zeljka Zorz Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise Sonicwall secure mobile access devices, the vendor has confirmed by updating the associated advisories. CISA has added the two flaws to its Known Exploited Vulnerabilities catalog,

React to this headline:

Loading spinner

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221) Read More »

Why SMEs can no longer afford to ignore cyber risk

CISO, cybersecurity, Don't miss, Europe, Features, Government, Hot stuff, News, opinion, strategy, tips, UK /

Why SMEs can no longer afford to ignore cyber risk 2025-05-01 at 09:32 By Mirko Zorz In this Help Net Security interview, Steven Furnell, Professor of Cyber Security at the University of Nottingham, illustrates how small and medium-sized businesses (SMEs) must reassess their risk exposure and prioritize resilience to safeguard their long-term growth and stability.

React to this headline:

Loading spinner

Why SMEs can no longer afford to ignore cyber risk Read More »

Preparing for the next wave of machine identity growth

CXO, cybersecurity, Don't miss, Features, Hot stuff, identity management, identity protection, News, opinion, report, SailPoint /

Preparing for the next wave of machine identity growth 2025-05-01 at 09:21 By Mirko Zorz Machine identities are multiplying fast, and many organizations are struggling to keep up. In this Help Net Security interview, Wendy Wu, CMO at SailPoint, explains why machine identity security matters, where most companies go wrong, how automation can help, and

React to this headline:

Loading spinner

Preparing for the next wave of machine identity growth Read More »

Hottest cybersecurity open-source tools of the month: April 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: April 2025 2025-05-01 at 08:36 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. GoSearch: Open-source OSINT tool for uncovering digital footprints GoSearch is an open-source OSINT tool built to uncover digital footprints linked to

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: April 2025 Read More »

Top solutions to watch after RSAC 2025

Abnormal AI, AppViewX, Arctic Wolf Networks, BreachLock, Don't miss, Flashpoint, LastPass, News, PowerDMARC, RSAC 2025, Saviynt, Swimlane, Varonis /

Top solutions to watch after RSAC 2025 2025-05-01 at 08:03 By Help Net Security RSAC 2025 showcased a wave of innovation, with vendors unveiling technologies poised to redefine cybersecurity. From AI-powered defense to breakthroughs in identity protection, this year’s conference delivered a glimpse into the future. Here are the most interesting products that caught our

React to this headline:

Loading spinner

Top solutions to watch after RSAC 2025 Read More »

Online fraud peaks as breaches rise

Don't miss, fraud, News, report, scams, TransUnion, Video /

Online fraud peaks as breaches rise 2025-05-01 at 07:31 By Help Net Security Data breaches played a key role in significant financial losses faced by consumers due to fraud. In this Help Net Security video, Steve Yin, Global Head of Fraud at TransUnion, and Brad Daughdrill, VP, Data Science, Head of Global Fraud Analytics, TransUnion,

React to this headline:

Loading spinner

Online fraud peaks as breaches rise Read More »

Airplay-enabled devices open to attack via “AirBorne” vulnerabilities

apple, Don't miss, Hot stuff, IoT, News, Oligo Security, vulnerability /

Airplay-enabled devices open to attack via “AirBorne” vulnerabilities 2025-04-30 at 16:31 By Zeljka Zorz Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise AirPlay-enabled devices developed and sold by Apple and by other companies. “Because AirPlay is a fundamental piece of software for Apple

React to this headline:

Loading spinner

Airplay-enabled devices open to attack via “AirBorne” vulnerabilities Read More »

Download: Edgescan 2025 Vulnerability Statistics Report

Don't miss, Edgescan, News, Whitepapers and webinars /

Download: Edgescan 2025 Vulnerability Statistics Report 2025-04-30 at 16:03 By Help Net Security Edgescan’s 2025 Vulnerability Statistics Report explores risk density patterns across network/device and application layers, uncovers complex vulnerabilities that automated tools consistently miss, and evaluates the real-world effectiveness of leading vulnerability scoring methodologies, including EPSS, CISA KEV, CVSS, and our proprietary EVSS system.

React to this headline:

Loading spinner

Download: Edgescan 2025 Vulnerability Statistics Report Read More »

Scroll to Top