Don’t miss

Is privacy becoming a luxury? A candid look at consumer data use

cybersecurity, Data Protection, Don't miss, Features, Hot stuff, News, opinion, Privacy, regulation /

Is privacy becoming a luxury? A candid look at consumer data use 2025-05-23 at 09:02 By Mirko Zorz In this Help Net Security interview, Dr. Joy Wu, Assistant Professor, UBC Sauder School of Business, discusses the psychological and societal impacts of data monetization, why current privacy disclosures often fall short, and what it will take […]

React to this headline:

Loading spinner

Is privacy becoming a luxury? A candid look at consumer data use Read More »

Unpatched Windows Server vulnerability allows full domain compromise

Active Directory, Akamai, Don't miss, enterprise, Hot stuff, News, privileged accounts, vulnerability, Windows Server /

Unpatched Windows Server vulnerability allows full domain compromise 2025-05-22 at 18:45 By Zeljka Zorz A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server

React to this headline:

Loading spinner

Unpatched Windows Server vulnerability allows full domain compromise Read More »

Signal blocks Microsoft Recall from screenshotting conversations

Don't miss, Hot stuff, News, Privacy, secure communications, Signal, Windows /

Signal blocks Microsoft Recall from screenshotting conversations 2025-05-22 at 14:01 By Zeljka Zorz Signal has released a new version of its end-to-end encrypted communication app for Windows that prevents Microsoft Recall and users from screenshotting text-based conversations happening in the app. The new “Screen security” setting is enabled by default and can be easily disabled

React to this headline:

Loading spinner

Signal blocks Microsoft Recall from screenshotting conversations Read More »

The hidden gaps in your asset inventory, and how to close them

asset discovery, CISO, CXO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, strategy, ThingsRecon, tips /

The hidden gaps in your asset inventory, and how to close them 2025-05-22 at 09:06 By Mirko Zorz In this Help Net Security interview, Tim Grieveson, CSO at ThingsRecon, breaks down the first steps security teams should take to regain visibility, the most common blind spots in asset discovery, and why context should drive risk

React to this headline:

Loading spinner

The hidden gaps in your asset inventory, and how to close them Read More »

CTM360 report: Ransomware exploits trust more than tech

CTM360, cybercrime, cybersecurity, Don't miss, Europe, Hot stuff, News, Ransomware, report, UK /

CTM360 report: Ransomware exploits trust more than tech 2025-05-22 at 08:35 By Anamarija Pogorelec A recent wave of ransomware attacks has disrupted major retailers across the UK. According to a new report from CTM360, the attackers didn’t need to break down the door, they were invited in through misplaced trust and weak identity safeguards. This

React to this headline:

Loading spinner

CTM360 report: Ransomware exploits trust more than tech Read More »

Lumma Stealer Malware-as-a-Service operation disrupted

BitSight, Cloudflare, data theft, disruption, Don't miss, ESET, Europol, Hot stuff, Lumen, Malware, Microsoft, News, US DoJ /

Lumma Stealer Malware-as-a-Service operation disrupted 2025-05-21 at 21:21 By Zeljka Zorz A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering beloved by a wide

React to this headline:

Loading spinner

Lumma Stealer Malware-as-a-Service operation disrupted Read More »

Data-stealing VS Code extensions removed from official Marketplace

Datadog, Don't miss, Ethereum, extension, Hot stuff, News, programming, VS Code, VS Code Marketplace /

Data-stealing VS Code extensions removed from official Marketplace 2025-05-21 at 16:19 By Zeljka Zorz Developers who specialize in writing smart (primarily Ethereum) contracts using the Solidity programming language have been targeted via malicious VS Code extensions that install malware that steals cryptocurrency wallet credentials. “Based on shared infrastructure and obfuscation characteristics, we attribute all three

React to this headline:

Loading spinner

Data-stealing VS Code extensions removed from official Marketplace Read More »

What good threat intelligence looks like in practice

CISO, cybersecurity, Cyware, Don't miss, Features, Hot stuff, News, opinion, strategy, Threat Intelligence, tips /

What good threat intelligence looks like in practice 2025-05-21 at 08:32 By Mirko Zorz In this Help Net Security interview, Anuj Goel, CEO of Cyware, discusses how threat intelligence is no longer a nice to have, it’s a core cyber defense requirement. But turning intelligence into action remains a challenge for many organizations. The path

React to this headline:

Loading spinner

What good threat intelligence looks like in practice Read More »

AutoPatchBench: Meta’s new way to test AI bug fixing tools

Artificial Intelligence, Don't miss, GitHub, Meta, News, open source, software /

AutoPatchBench: Meta’s new way to test AI bug fixing tools 2025-05-21 at 08:02 By Mirko Zorz AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 real bugs and their verified fixes, taken from the ARVO

React to this headline:

Loading spinner

AutoPatchBench: Meta’s new way to test AI bug fixing tools Read More »

Third-party cyber risks and what you can do

Blumira, CISO, Don't miss, Hot stuff, News, opinion, strategy, third party compromise, Video /

Third-party cyber risks and what you can do 2025-05-21 at 07:31 By Help Net Security When a third-party tech vendor suffers a cyber incident, your business can feel the effects immediately. That’s why it’s crucial to treat vendor risk as part of your cybersecurity posture. In this Help Net Security video, Mike Toole, Director of

React to this headline:

Loading spinner

Third-party cyber risks and what you can do Read More »

Product showcase: Secure digital and physical access with the Swissbit iShield Key 2

access control, authentication, Don't miss, Hot stuff, News, Product showcase, Swissbit /

Product showcase: Secure digital and physical access with the Swissbit iShield Key 2 2025-05-20 at 16:16 By Help Net Security To meet today’s complex security requirements, organizations need solutions that are not only secure, but also practical and scalable. The Swissbit iShield Key 2 offers a compelling answer by combining two critical security functions –

React to this headline:

Loading spinner

Product showcase: Secure digital and physical access with the Swissbit iShield Key 2 Read More »

Trojanized KeePass opens doors for ransomware attackers

Don't miss, Hot stuff, initial access broker, KeePass, malvertising, Malware, News, open source, Ransomware, typosquatting, WithSecure /

Trojanized KeePass opens doors for ransomware attackers 2025-05-20 at 14:04 By Zeljka Zorz A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure researchers have discovered. KeeLoader: Passoword manager that acts as data stealer and malware loader In February 2025, WithSecure’s

React to this headline:

Loading spinner

Trojanized KeePass opens doors for ransomware attackers Read More »

Closing security gaps in multi-cloud and SaaS environments

Cloud, cloud security, collaboration, cybersecurity, Don't miss, Features, Hot stuff, News, Qualys, SaaS, strategy /

Closing security gaps in multi-cloud and SaaS environments 2025-05-20 at 09:06 By Mirko Zorz In this Help Net Security interview, Kunal Modasiya, SVP, Product Management, GTM, and Growth at Qualys, discusses recent Qualys research on the state of cloud and SaaS security. He talks about how siloed visibility, fragmented tools, and a lack of incident

React to this headline:

Loading spinner

Closing security gaps in multi-cloud and SaaS environments Read More »

Containers are just processes: The illusion of namespace security

containers, cybersecurity, Don't miss, Edera, Expert analysis, Expert corner, Hot stuff, Kubernetes, Linux, News, open source, opinion /

Containers are just processes: The illusion of namespace security 2025-05-20 at 08:31 By Help Net Security In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and faster security improvements, making OSS often more secure than proprietary code.

React to this headline:

Loading spinner

Containers are just processes: The illusion of namespace security Read More »

Why legal must lead on AI governance before it’s too late

CISO, Compliance, CXO, Don't miss, Features, Hot stuff, Ivanti, law, News, opinion, strategy /

Why legal must lead on AI governance before it’s too late 2025-05-20 at 08:05 By Mirko Zorz In this Help Net Security interview, Brooke Johnson, Chief Legal Counsel and SVP of HR and Security, Ivanti, explores the legal responsibilities in AI governance, highlighting how cross-functional collaboration enables safe, ethical AI use while mitigating risk and

React to this headline:

Loading spinner

Why legal must lead on AI governance before it’s too late Read More »

AI voice hijacking: How well can you trust your ears?

cybercrime, cybersecurity, deepfakes, Don't miss, News, scams, tips /

AI voice hijacking: How well can you trust your ears? 2025-05-20 at 07:32 By Sinisa Markovic How sure are you that you can recognize an AI-cloned voice? If you think you’re completely certain, you might be wrong. Why it’s a growing threat With only three seconds of audio, criminals can now clone a person’s voice,

React to this headline:

Loading spinner

AI voice hijacking: How well can you trust your ears? Read More »

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide

CTM360, cybercrime, cybersecurity, Don't miss, Hot stuff, News, phishing, report, scams /

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide 2025-05-19 at 16:50 By Anamarija Pogorelec A phishing operation that targets corporate banking accounts across the globe has been analyzed in a new report by CTM360. The campaign uses fake Google ads, advanced filtering techniques, to steal sensitive login credentials and bypass MFA. Researchers uncovered

React to this headline:

Loading spinner

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide Read More »

Malicious RVTools installer found on official site, researcher warns

Dell, Don't miss, Hot stuff, News, supply chain compromise, virtualization, VMWare /

Malicious RVTools installer found on official site, researcher warns 2025-05-19 at 15:05 By Zeljka Zorz The official site for RVTools has apparently been hacked to serve a compromised installer for the popular utility, a security researcher has warned. It’s difficult to say how long the malicious version has been available for download, but the website

React to this headline:

Loading spinner

Malicious RVTools installer found on official site, researcher warns Read More »

AI hallucinations and their risk to cybersecurity operations

Artificial Intelligence, CISO, Don't miss, Features, GuidePoint Security, Hot stuff, ImmuniWeb, News, opinion, Qwiet AI, security operations, strategy, Tanium, tips /

AI hallucinations and their risk to cybersecurity operations 2025-05-19 at 08:31 By Mirko Zorz AI systems can sometimes produce outputs that are incorrect or misleading, a phenomenon known as hallucinations. These errors can range from minor inaccuracies to misrepresentations that can misguide decision-making processes. Real world implications “If a company’s AI agent leverages outdated or

React to this headline:

Loading spinner

AI hallucinations and their risk to cybersecurity operations Read More »

Scroll to Top