Don’t miss

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

Don't miss, Hot stuff, News, patch, SolarWinds, vulnerability /

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) 2025-09-24 at 19:44 By Zeljka Zorz SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the […]

React to this headline:

Loading spinner

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) Read More »

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

0-day, Don't miss, email security, government-backed attacks, Hot stuff, Libraesva, News, security update /

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689) 2025-09-24 at 15:17 By Zeljka Zorz Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE-2025-59689 CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from files

React to this headline:

Loading spinner

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689) Read More »

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools

Don't miss, Hot stuff, Kali Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools 2025-09-24 at 12:19 By Zeljka Zorz OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images

React to this headline:

Loading spinner

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools Read More »

Building a stronger SOC through AI augmentation

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, LLMs, News, OpenText, SOC, strategy /

Building a stronger SOC through AI augmentation 2025-09-24 at 09:22 By Mirko Zorz In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems, AI helps

React to this headline:

Loading spinner

Building a stronger SOC through AI augmentation Read More »

APIs and hardware are under attack, and the numbers don’t look good

access control, API security, Bugcrowd, cybersecurity, Don't miss, hardware, News, report, vulnerability /

APIs and hardware are under attack, and the numbers don’t look good 2025-09-24 at 08:35 By Sinisa Markovic Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift

React to this headline:

Loading spinner

APIs and hardware are under attack, and the numbers don’t look good Read More »

Building AI responsibly from day one

Artificial Intelligence, Don't miss, News, strategy, tips, Video /

Building AI responsibly from day one 2025-09-24 at 07:45 By Help Net Security In this Help Net Security video, David Hardoon, Global Head of AI Enablement at Standard Chartered, discusses the role of ethics and safety in AI development. He explains why principles like fairness, accountability, and transparency must be built into AI systems from

React to this headline:

Loading spinner

Building AI responsibly from day one Read More »

SonicWall adds rootkit removal capabilities to the SMA 100 series

Don't miss, firmware, Google, Hot stuff, Mandiant, News, Ransomware, rootkits, security update, SonicWall /

SonicWall adds rootkit removal capabilities to the SMA 100 series 2025-09-23 at 16:24 By Zeljka Zorz SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The

React to this headline:

Loading spinner

SonicWall adds rootkit removal capabilities to the SMA 100 series Read More »

Review: Practical Purple Teaming

books, cybersecurity, Don't miss, News, Review, Reviews /

Review: Practical Purple Teaming 2025-09-23 at 10:47 By Mirko Zorz Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams. About the author Alfie Champion is

React to this headline:

Loading spinner

Review: Practical Purple Teaming Read More »

Malicious GitHub pages lure MacOS users into installing Atomic infostealer

Don't miss, GitHub, Hot stuff, LastPass, macOS, Malware, News, SEO, social engineering /

Malicious GitHub pages lure MacOS users into installing Atomic infostealer 2025-09-22 at 17:52 By Zeljka Zorz MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread

React to this headline:

Loading spinner

Malicious GitHub pages lure MacOS users into installing Atomic infostealer Read More »

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

Don't miss, enterprise, Fortra, News, security update, SMBs, VulnCheck, vulnerability /

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) 2025-09-22 at 14:20 By Zeljka Zorz If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035. About CVE-2025-10035 CVE-2025-10035 is a critical deserialization

React to this headline:

Loading spinner

Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035) Read More »

Cybersecurity AI (CAI): Open-source framework for AI security

agentic AI, Artificial Intelligence, Don't miss, framework, GitHub, News, open source, software /

Cybersecurity AI (CAI): Open-source framework for AI security 2025-09-22 at 10:29 By Anamarija Pogorelec Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use AI

React to this headline:

Loading spinner

Cybersecurity AI (CAI): Open-source framework for AI security Read More »

How Juventus protects fans, revenue, and reputation during matchdays

CISO, Compliance, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, resilience, Risk Management, security awareness, software development, strategy /

How Juventus protects fans, revenue, and reputation during matchdays 2025-09-22 at 10:29 By Mirko Zorz In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has developed a threat-led, outcomes-driven program that balances innovation with protections across matchdays, e-commerce, and digital

React to this headline:

Loading spinner

How Juventus protects fans, revenue, and reputation during matchdays Read More »

AI needs ethics to avoid real-world harm

agentic AI, Artificial Intelligence, Don't miss, fraud, News, Sift, strategy, tips, Video /

AI needs ethics to avoid real-world harm 2025-09-22 at 08:09 By Help Net Security In this Help Net Security video, Brittany Allen, Senior Trust and Safety Architect at Sift, explores how the rise of AI agents is creating new fraud risks. She explains how these agents, while designed to assist users, can unintentionally help fraudsters

React to this headline:

Loading spinner

AI needs ethics to avoid real-world harm Read More »

LLMs can boost cybersecurity decisions, but not for everyone

Artificial Intelligence, automation, CISO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, security operations, tips /

LLMs can boost cybersecurity decisions, but not for everyone 2025-09-19 at 09:11 By Mirko Zorz LLMs are moving fast from experimentation to daily use in cybersecurity. Teams are starting to use them to sort through threat intelligence, guide incident response, and help analysts handle repetitive work. But adding AI into the decision-making process brings new

React to this headline:

Loading spinner

LLMs can boost cybersecurity decisions, but not for everyone Read More »

The unseen side of malware and how to find it

cybersecurity, Don't miss, Malware, malware detection, News, report, Stairwell, threat detection, threats /

The unseen side of malware and how to find it 2025-09-19 at 08:31 By Anamarija Pogorelec Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past

React to this headline:

Loading spinner

The unseen side of malware and how to find it Read More »

SonicWall says attackers compromised some firewall configuration backup files

cybersecurity, Don't miss, firewall, Hot stuff, News, SonicWall /

SonicWall says attackers compromised some firewall configuration backup files 2025-09-18 at 18:49 By Zeljka Zorz Between attackers exploiting 0-day and n-day vulnerabilities in the company’s firewalls and Secure Mobile Access appliances, SonicWall and its customers have had a tough year. And, unfortunately for them, the troubles are not over: unknown attackers have managed to brute-force

React to this headline:

Loading spinner

SonicWall says attackers compromised some firewall configuration backup files Read More »

Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)

0-day, Chrome, Don't miss, Google, Hot stuff, News /

Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585) 2025-09-18 at 16:00 By Zeljka Zorz Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. “Google is aware that an exploit for CVE-2025-10585 exists in the wild,” the company announced.

React to this headline:

Loading spinner

Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585) Read More »

LinkedIn now uses your data for AI by default, opt out now!

data collection, Don't miss, LinkedIn, News, Privacy, social media /

LinkedIn now uses your data for AI by default, opt out now! 2025-09-18 at 16:00 By Sinisa Markovic LinkedIn is making major changes to its User Agreement and Privacy Policy, effective November 3, 2025. Among the most notable updates, the company will now use member data by default to improve its generative AI models, unless

React to this headline:

Loading spinner

LinkedIn now uses your data for AI by default, opt out now! Read More »

Behind the scenes of cURL with its founder: Releases, updates, and security

code, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, open source, opinion, patching, software, software development, strategy, tips, vulnerability management /

Behind the scenes of cURL with its founder: Releases, updates, and security 2025-09-18 at 09:01 By Mirko Zorz In this Help Net Security interview, Daniel Stenberg, lead developer od cURL, discusses how the widely used tool remains secure across billions of devices, from cloud services to IoT. He shares insights into cURL’s decades-long journey of

React to this headline:

Loading spinner

Behind the scenes of cURL with its founder: Releases, updates, and security Read More »

Scroll to Top