Hot stuff

Attackers upgrade ClickFix with tricks used by online stores

2025-11-07 at 15:42, by Zeljka Zorz

Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware infection. Push Security has spotted one of these pages, showing an embedded tutorial […]

November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?

2025-11-07 at 13:28, by Help Net Security

October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (EOL). This included 116

What keeps phishing training from fading over time

2025-11-07 at 13:28, by Mirko Zorz

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely to

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

2025-11-07 at 13:28, by Mirko Zorz

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

2025-11-06 at 17:16, by Zeljka Zorz

Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of

SonicWall cloud backup hack was the work of a state actor

2025-11-06 at 15:30, by Zeljka Zorz

Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated

OpenGuardrails: A new open-source model aims to make AI safer for real-world use

2025-11-06 at 10:28, by Mirko Zorz

When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful

Google uncovers malware using LLMs to operate and evade detection

2025-11-05 at 20:53, by Zeljka Zorz

PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that

Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)

2025-11-05 at 14:59, by Zeljka Zorz

On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing and remote access platforms, and CVE-2025-48703, a vulnerability in Control Web Panel (CWP), a web hosting control panel designed for

PortGPT: How researchers taught an AI to backport security patches automatically

2025-11-05 at 09:07, by Mirko Zorz

Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that

Connected homes: Is bystander privacy anyone’s responsibility?

2025-11-05 at 09:07, by Sinisa Markovic

Smart doorbells, connected cameras, and home monitoring systems have become common sights on doorsteps and living rooms. They promise safety and convenience, but they also raise a problem. These devices record more than their owners. They capture neighbors, visitors, and anyone passing

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware

2025-11-04 at 15:04, by Zeljka Zorz

A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US companies and extorting nearly $1.3 million from one of the victims. According to a federal

How nations build and defend their cyberspace capabilities

2025-11-04 at 11:54, by Mirko Zorz

In this Help Net Security interview, Dr. Bernhards Blumbergs, Lead Cyber Security Expert at CERT.LV, discusses how cyberspace has become an integral part of national and military operations. He explains how countries develop capabilities to act and defend in this domain,

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI

2025-11-03 at 18:13, by Help Net Security

The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories. Teams are buried under overlapping feeds, inconsistent

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military

2025-11-03 at 15:57, by Zeljka Zorz

A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and

A new way to think about zero trust for workloads

2025-11-03 at 09:10, by Mirko Zorz

Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on

Securing real-time payments without slowing them down

2025-11-03 at 08:00, by Mirko Zorz

In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Singh also touches on

CISA and partners take action as Microsoft Exchange security risks mount

2025-10-31 at 19:32, by Zeljka Zorz

In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of Microsoft Exchange Server. Microsoft Exchange servers are

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

2025-10-31 at 17:09, by Zeljka Zorz

A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]
