Don’t miss

Your heartbeat could reveal your identity, even in anonymized datasets

biometrics, data security, Don't miss, Features, hardware, healthcare, Hot stuff, News, Privacy, research, wearable tech /

Your heartbeat could reveal your identity, even in anonymized datasets 2025-09-12 at 09:12 By Mirko Zorz A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data […]

Your heartbeat could reveal your identity, even in anonymized datasets Read More »

Attackers are coming for drug formulas and patient data

CISO, critical infrastructure, cyber risk, cybersecurity, Don't miss, healthcare, IBM, Internet of Things, Madaket Health, News, strategy /

Attackers are coming for drug formulas and patient data 2025-09-12 at 08:18 By Sinisa Markovic In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine distribution can have life-threatening consequences. “During

Attackers are coming for drug formulas and patient data Read More »

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls

ACSC, Australia, Don't miss, Hot stuff, News, Ransomware, Rapid7, SonicWall, vulnerability /

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls 2025-09-11 at 18:25 By Zeljka Zorz Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates of the Akira

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls Read More »

Default Cursor setting can be exploited to run malicious code on developers’ machines

Cursor, Don't miss, Hot stuff, News, Oasis Security, programming, software development, vulnerability /

Default Cursor setting can be exploited to run malicious code on developers’ machines 2025-09-11 at 14:02 By Zeljka Zorz An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is

Default Cursor setting can be exploited to run malicious code on developers’ machines Read More »

When typing becomes tracking: Study reveals widespread silent keystroke interception

data collection, data security, Don't miss, Features, Hot stuff, News, Privacy, research, surveillance /

When typing becomes tracking: Study reveals widespread silent keystroke interception 2025-09-11 at 09:17 By Mirko Zorz You type your email address into a website form but never hit submit. Hours later, a marketing email shows up in your inbox. According to new research, that is not a coincidence. A team of researchers from UC Davis,

When typing becomes tracking: Study reveals widespread silent keystroke interception Read More »

How attackers weaponize communications networks

BlackBerry, cybersecurity, data security, Don't miss, Features, Hot stuff, network, network monitoring, News, regulation, secure communications, telecommunications /

How attackers weaponize communications networks 2025-09-11 at 08:30 By Mirko Zorz In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He explains why attackers focus on these networks and how their motivations range from corporate espionage to geopolitical influence. The discussion

How attackers weaponize communications networks Read More »

The state of DMARC adoption: What 10M domains reveal

cybersecurity, DMARC, Don't miss, email security, Fortra, News, Video /

The state of DMARC adoption: What 10M domains reveal 2025-09-11 at 07:43 By Help Net Security In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He explains how SPF, DKIM, and DMARC work together to prevent email

The state of DMARC adoption: What 10M domains reveal Read More »

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday

Adobe, Adobe ColdFusion, Don't miss, Hot stuff, Immersive, magento, News, Patch Tuesday, Sansec, SAP, security update, Tenable, Trend Micro, vulnerability /

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday 2025-09-10 at 13:56 By Zeljka Zorz On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microsoft

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday Read More »

Automated network pentesting uncovers what traditional tests missed

automation, cybersecurity, Don't miss, Hot stuff, network, News, patching, penetration testing, Vonahi Security /

Automated network pentesting uncovers what traditional tests missed 2025-09-10 at 11:45 By Zeljka Zorz Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A new report, based on over 50,000

Automated network pentesting uncovers what traditional tests missed Read More »

Deepfakes are rewriting the rules of geopolitics

cyber risk, cybersecurity, deepfakes, Don't miss, Entrust, Features, Government, News /

Deepfakes are rewriting the rules of geopolitics 2025-09-10 at 09:21 By Sinisa Markovic Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created every five minutes in 2024, while the European Parliament estimates that 8 million will circulate across the

Deepfakes are rewriting the rules of geopolitics Read More »

Garak: Open-source LLM vulnerability scanner

Artificial Intelligence, Don't miss, GitHub, LLMs, News, open source, scanner, software /

Garak: Open-source LLM vulnerability scanner 2025-09-10 at 09:00 By Help Net Security LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic outputs. By running

Garak: Open-source LLM vulnerability scanner Read More »

Fixing silent failures in security controls with adversarial exposure validation

Don't miss, Expert analysis, Expert corner, Hot stuff, News, Picus Security, report, security controls, Whitepapers and webinars /

Fixing silent failures in security controls with adversarial exposure validation 2025-09-10 at 08:16 By Help Net Security Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected, and SIEM rules are running. All good, right? Not so fast. Appearances can

Fixing silent failures in security controls with adversarial exposure validation Read More »

Plex tells users to change passwords due to data breach, pushes server owners to upgrade

data breach, Don't miss, Hot stuff, News, Plex Media Server, security update, streaming device, vulnerability /

Plex tells users to change passwords due to data breach, pushes server owners to upgrade 2025-09-09 at 19:42 By Zeljka Zorz Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor authentication. “An unauthorized third party accessed a limited subset of customer data from

Plex tells users to change passwords due to data breach, pushes server owners to upgrade Read More »

Download: Cyber defense guide for the financial sector

Center for Internet Security, Don't miss, Hot stuff, News, Whitepapers and webinars /

Download: Cyber defense guide for the financial sector 2025-09-09 at 15:46 By Help Net Security Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s cybersecurity, you must contend with evolving regulatory obligations, outdated IT infrastructure, and other challenges. How do you

Download: Cyber defense guide for the financial sector Read More »

Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal

Don't miss, Encryption, EU, Europe, European Commission, News, Privacy, regulation, scanning, smartphones, surveillance /

Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal 2025-09-09 at 10:22 By Mirko Zorz Nearly 500 scientists and researchers have signed an open letter warning that the latest version of the EU’s Chat Control Proposal would weaken digital security while failing to deliver meaningful protection for children. The signatories represent 34 countries

Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal Read More »

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Arctic Wolf Networks, data theft, Don't miss, enterprise, Hot stuff, malvertising, Malware, malware analysis, News, SMBs /

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers 2025-09-09 at 09:46 By Zeljka Zorz Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations for

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers Read More »

Connected cars are racing ahead, but security is stuck in neutral

car, connected cars, cyber risk, Don't miss, Features, hardware, Hot stuff, News, supply chain /

Connected cars are racing ahead, but security is stuck in neutral 2025-09-09 at 09:46 By Mirko Zorz Connected cars are already on Europe’s roads, loaded with software, sensors, and constant data connections. Drivers love the features these vehicles bring, from remote apps to smart navigation, but each new connection also opens a door to potential

Connected cars are racing ahead, but security is stuck in neutral Read More »

Salesloft Drift data breach: Investigation reveals how attackers got in

credentials, data theft, Don't miss, Hot stuff, Mandiant, News, Salesforce, Salesloft, supply chain compromise /

Salesloft Drift data breach: Investigation reveals how attackers got in 2025-09-08 at 14:33 By Zeljka Zorz The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise On August 26, the company publicly revealed that earlier that month, a threat

Salesloft Drift data breach: Investigation reveals how attackers got in Read More »

Scroll to Top