Don’t miss

Layoffs pose a cybersecurity risk: Here’s why offboarding matters

cyber risk, cybersecurity, Don't miss, Insider Threat, JumpCloud, News, Video /

Layoffs pose a cybersecurity risk: Here’s why offboarding matters 2025-05-12 at 07:39 By Help Net Security In this Help Net Security video, Chase Doelling, Principal Strategist at JumpCloud, discusses the overlooked security risks associated with improper offboarding. Though many organizations focus on securely onboarding new employees, they often overlook the security risks associated with properly […]

Layoffs pose a cybersecurity risk: Here’s why offboarding matters Read More »

Fake AI platforms deliver malware diguised as video content

Artificial Intelligence, cybercrime, Don't miss, Hot stuff, Malware, Morphisec, News, scams, SMBs, social engineering /

Fake AI platforms deliver malware diguised as video content 2025-05-09 at 16:53 By Zeljka Zorz A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as legitimate software, but

Fake AI platforms deliver malware diguised as video content Read More »

LockBit hacked: What does the leaked data show?

cybercrime, Data leak, Don't miss, Hot stuff, News, Ransomware, Rapid7, Searchlight Cyber /

LockBit hacked: What does the leaked data show? 2025-05-09 at 14:33 By Zeljka Zorz The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations: The defaced dark web affiliate panel (Source: Help Net

LockBit hacked: What does the leaked data show? Read More »

May 2025 Patch Tuesday forecast: Panic, change, and hope

Adobe, apple, CVE, cybersecurity, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday /

May 2025 Patch Tuesday forecast: Panic, change, and hope 2025-05-09 at 09:11 By Help Net Security April was an event-filled month for cybersecurity. Patch Tuesday came to us quickly on April 8 – the earliest first Tuesday possible in a given month. We again saw large numbers of CVEs addressed with 84 in Windows 11

May 2025 Patch Tuesday forecast: Panic, change, and hope Read More »

The many variants of the ClickFix social engineering tactic

Datadog, Don't miss, Google, Hot stuff, Malware, News, phishing, Proofpoint, Sekoia.io, social engineering /

The many variants of the ClickFix social engineering tactic 2025-05-08 at 18:50 By Zeljka Zorz As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page. In the

The many variants of the ClickFix social engineering tactic Read More »

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)

Don't miss, Hot stuff, News, Rapid7, security update, SMBs, SonicWall, VPN, vulnerability /

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) 2025-05-08 at 15:38 By Zeljka Zorz SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) Read More »

How agentic AI and non-human identities are transforming cybersecurity

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, Non Human Identities, One Identity, opinion /

How agentic AI and non-human identities are transforming cybersecurity 2025-05-08 at 09:03 By Help Net Security Within the average enterprise, non-human identities (NHIs) now outnumber employees, contractors, and customers by anything between 10-to-1 and 92-to-1. Add to this the fragmentation of human identity management resulting from authorizing a single person’s access to multiple on-premises, cloud

How agentic AI and non-human identities are transforming cybersecurity Read More »

Even the best safeguards can’t stop LLMs from being fooled

Artificial Intelligence, CISO, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, opinion /

Even the best safeguards can’t stop LLMs from being fooled 2025-05-08 at 08:48 By Mirko Zorz In this Help Net Security interview, Michael Pound, Associate Professor at the University of Nottingham shares his insights on the cybersecurity risks associated with LLMs. He discusses common organizational mistakes and the necessary precautions for securing sensitive data when

Even the best safeguards can’t stop LLMs from being fooled Read More »

Wave of tech layoffs leads to more job scams

CrowdStrike, cybercrime, cybersecurity, Don't miss, Entrust, FTC, Malwarebytes, News, scams, tips /

Wave of tech layoffs leads to more job scams 2025-05-08 at 08:06 By Sinisa Markovic The tech industry is experiencing significant layoffs, leaving thousands of IT and cybersecurity professionals in search of new employment opportunities. Unfortunately, as these individuals search for new opportunities, scammers are actively preying on them. Losing a job, especially when you

Wave of tech layoffs leads to more job scams Read More »

PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

Don't miss, enterprise, Hot stuff, ITSM, News, PoC, SMBs, SysAid, vulnerability, WatchTowr /

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! 2025-05-07 at 15:45 By Zeljka Zorz WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! Read More »

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)

Android, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) 2025-05-07 at 13:03 By Zeljka Zorz Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) Read More »

Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable

cybercrime, Don't miss, fraud, Kasada, News, report, survey /

Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable 2025-05-07 at 09:46 By Mirko Zorz A new report from bot defense firm Kasada has exposed the growing threat of ALTSRUS, a fraud syndicate targeting some of the most vulnerable corners of the digital economy. Researchers revealed how the group has scaled its operations to steal

Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable Read More »

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules

Application Security, automation, Bright, CISO, cybersecurity, DevOps, Don't miss, Features, Hot stuff, News, opinion, serverless, strategy, tips /

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules 2025-05-07 at 08:32 By Mirko Zorz Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how DevOps, containers, and serverless tools are shaping security, and shares

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules Read More »

Autorize: Burp Suite extension for automatic authorization enforcement detection

Don't miss, GitHub, News, open source, penetration testing, software /

Autorize: Burp Suite extension for automatic authorization enforcement detection 2025-05-07 at 08:02 By Help Net Security Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s

Autorize: Burp Suite extension for automatic authorization enforcement detection Read More »

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)

Censys, Don't miss, exploit, Horizon3.ai, Hot stuff, News, PoC, SANS ISC, vulnerability /

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) 2025-05-06 at 16:19 By Zeljka Zorz A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2025-3248

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248) Read More »

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)

Arctic Wolf Networks, botnet, Don't miss, Hot stuff, News, PoC, Samsung, SANS ISC, vulnerability /

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) 2025-05-06 at 13:03 By Zeljka Zorz An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being leveraged by attackers. Exploit attempts have been flagged by the SANS Internet Storm Center and Arctic Wolf researchers:

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399) Read More »

What a future without CVEs means for cyber defense

CVE, cybersecurity, Don't miss, Expert analysis, Expert corner, Hack The Box, Hot stuff, News, opinion, vulnerability management /

What a future without CVEs means for cyber defense 2025-05-06 at 11:31 By Help Net Security The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for cybersecurity professionals to understand and mitigate security flaws. By providing a standardized method

What a future without CVEs means for cyber defense Read More »

What it really takes to build a resilient cyber program

CISO, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, Nightwing, opinion, regulation, strategy, tips, vulnerability management /

What it really takes to build a resilient cyber program 2025-05-06 at 08:32 By Mirko Zorz In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page. Drawing on both

What it really takes to build a resilient cyber program Read More »

How cybercriminals exploit psychological triggers in social engineering attacks

Avast, cybercrime, cybersecurity, Don't miss, Fortra, News, Proofpoint, Reality Defender, Secure Yeti, social engineering, tips, Zscaler /

How cybercriminals exploit psychological triggers in social engineering attacks 2025-05-06 at 08:03 By Sinisa Markovic Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly what makes them so effective. These threats rely on psychological

How cybercriminals exploit psychological triggers in social engineering attacks Read More »

Scroll to Top