
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

2025-12-17 at 16:31 By Zeljka Zorz

Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers warned on Tuesday. Configuration files can expose information about […]


Why vulnerability reports stall inside shared hosting companies

2025-12-17 at 09:24 By Mirko Zorz

Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what happens after those reports arrive and explains why remediation so often stops short. The research


Zabbix: Open-source IT and OT observability solution

2025-12-17 at 08:08 By Anamarija Pogorelec

Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, virtual machines, applications, services, databases, websites, and cloud resources. For cybersecurity professionals, this visibility matters because operational issues


How exposure management changes cyber defense

2025-12-17 at 07:36 By Help Net Security

In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work as an incident responder, engagement manager, and ransomware negotiator, he describes EDR


European police busts Ukraine scam call centers

2025-12-16 at 15:25 By Zeljka Zorz

Law enforcement agencies from several European countries have arrested twelve persons suspected of being involved in scamming victims across Europe, Eurojust announced today. “The fraudsters used various scams, such as posing as police officers to withdraw money using their victims’ cards and


SoundCloud breached, hit by DoS attacks

2025-12-16 at 14:05 By Zeljka Zorz

Audio streaming service SoundCloud has suffered a breach and has been repeatedly hit by denial of service attacks, the company confirmed on Monday. In the days leading up to the confirmation, users accessing SoundCloud through VPNs reported connection failures and error messages. It


The messy data trails of telehealth are becoming a security nightmare

2025-12-16 at 09:24 By Mirko Zorz

In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains why organizations must strengthen data classification and visibility as systems


What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts

2025-12-15 at 18:02 By Anamarija Pogorelec

The internet stayed busy, brittle, and under constant pressure in 2025. Cloudflare’s annual Radar Year in Review offers a wide view of how traffic moved, where attacks clustered, and what failed when systems were stressed. Cloudflare, which


Kali Linux 2025.4: New tools and “quality-of-life” improvements

2025-12-15 at 13:48 By Zeljka Zorz

OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related to appearance and usability: Kali’s GNOME desktop environment now organizes Kali tools into folders via the


Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)

2025-12-15 at 12:58 By Zeljka Zorz

Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop version of Chrome, though at


How researchers are teaching AI agents to ask for permission the right way

2025-12-15 at 09:06 By Mirko Zorz

People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what you want, then let it work through the steps. The hard


Prometheus: Open-source metrics and monitoring systems and services

2025-12-15 at 08:43 By Anamarija Pogorelec

Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps engineers, it has become a common way to track system behavior, spot early warning signs, and


What types of compliance should your password manager support?

2025-12-15 at 07:49 By Sinisa Markovic

Lost credentials and weak authentication controls still sit at the center of many security incidents. IT leaders and CISOs know this problem well. They also know that regulators watch how organizations protect passwords, track access, and document security decisions. That


What 35 years of privacy law say about the state of data protection

2025-12-12 at 09:52 By Anamarija Pogorelec

Privacy laws have expanded around the world, and security leaders now work within a crowded field of requirements. New research shows that these laws provide stronger rights and duties, but the protections do not always translate


40 open-source tools redefining how security teams secure the stack

2025-12-11 at 09:07 By Anamarija Pogorelec

Open source security software has become a key way for teams to get flexibility, transparency, and capability without licensing costs. The free tools in this roundup address problems security teams deal with, from managing large environments to catching misconfigurations


Password habits are changing, and the data shows how far we’ve come

2025-12-11 at 08:13 By Help Net Security

In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based


Product showcase: Tuta – secure, encrypted, private email

2025-12-11 at 08:13 By Help Net Security

Tuta, formerly known as Tutanota, is built for anyone who wants email that stays private. Instead of treating encryption like a bonus feature, the service encrypts almost everything by default. That means your messages are locked down from the moment


Henkel CISO on the messy truth of monitoring factories built across decades

2025-12-10 at 09:08 By Mirko Zorz

In this Help Net Security interview, Stefan Braun, CISO at Henkel, discusses how smart manufacturing environments introduce new cybersecurity risks. He explains where single points of failure hide, how attackers exploit legacy systems, and why monitoring must


The hidden dynamics shaping who produces influential cybersecurity research

2025-12-10 at 08:52 By Mirko Zorz

Cybersecurity leaders spend much of their time watching how threats and tools change. A new study asks a different question, how has the research community itself changed over the past two decades. Researchers from the University of Southampton examined two


UTMStack: Open-source unified threat management platform

2025-12-10 at 08:52 By Sinisa Markovic

UTMStack is an open-source unified threat management platform that brings SIEM and XDR features into one system. The project focuses on real time correlation of log data, threat intelligence, and malware activity patterns gathered from different sources. The goal is to help organizations

