Hot stuff

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader

Cloudflare, Don't miss, Hot stuff, lawsuit, Microsoft, Microsoft 365, News, phishing /

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader 2025-09-17 at 15:23 By Zeljka Zorz Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites associated with the popular service, disrupting […]

React to this headline:

Loading spinner

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader Read More »

How a fake ICS network can reveal real cyberattacks

BforeAI, critical infrastructure, cybersecurity, Don't miss, Features, honeypots, Hot stuff, ICS/SCADA, News, research, strategy, tips /

How a fake ICS network can reveal real cyberattacks 2025-09-17 at 09:03 By Mirko Zorz Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial environment. Why traditional honeypots fall short Honeypots are systems designed to attract attackers

React to this headline:

Loading spinner

How a fake ICS network can reveal real cyberattacks Read More »

Creating a compliance strategy that works across borders

Compliance, cybersecurity, data security, Don't miss, EQS Group, EU, Features, Hot stuff, News, regulation, USA /

Creating a compliance strategy that works across borders 2025-09-17 at 08:37 By Mirko Zorz In this Help Net Security interview, Marco Goldberg, Managing Director at EQS Group, discusses how compliance and regulation are evolving worldwide. He talks about how organizations can stay compliant with international rules while keeping their systems practical and user-friendly. Goldberg points

React to this headline:

Loading spinner

Creating a compliance strategy that works across borders Read More »

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack

Aikido Security, Don't miss, Hot stuff, JavaScript, News, Node.js, open source, ReversingLabs, StepSecurity, supply chain attacks, Wiz, worms /

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack 2025-09-17 at 01:18 By Zeljka Zorz A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The worm has been dubbed “Shai-hulud” as it steals credentials from victims who

React to this headline:

Loading spinner

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack Read More »

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents

credentials, Don't miss, Endpoint Security, enterprise, Hot stuff, Huntress, News, Ransomware, Rapid7, SMBs, SonicWall /

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents 2025-09-16 at 15:46 By Zeljka Zorz All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident responders have had a

React to this headline:

Loading spinner

Ransomware attackers used incorrectly stored recovery codes to disable EDR agents Read More »

Building security that protects customers, not just auditors

cybersecurity, Don't miss, Features, framework, Hot stuff, monitoring, News, Rapyd, security standard /

Building security that protects customers, not just auditors 2025-09-16 at 09:31 By Mirko Zorz In this Help Net Security interview, Nir Rothenberg, CISO at Rapyd, discusses global differences in payment security maturity and the lessons that can be learned from leading regions. He points out that good engineering usually leads to strong security, and cautions

React to this headline:

Loading spinner

Building security that protects customers, not just auditors Read More »

Phishing campaign targets Rust developers

Don't miss, GitHub, Hot stuff, News, programming, rust, spear-phishing /

Phishing campaign targets Rust developers 2025-09-15 at 19:27 By Zeljka Zorz Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm phishing campaign. The phishing email The emails started hitting developers’ inboxes on Friday, minutes after they published a (new)

React to this headline:

Loading spinner

Phishing campaign targets Rust developers Read More »

What could a secure 6G network look like?

Artificial Intelligence, attacks, cybersecurity, Don't miss, ETSI, Expert analysis, Expert corner, Hot stuff, network, News, opinion, security standard, telecommunications, wireless /

What could a secure 6G network look like? 2025-09-15 at 08:47 By Help Net Security The official standards for 6G are set to be announced by the end of 2029. While the industry is moving towards consensus around how the 6G network will be built, it also needs to anticipate how it will be compromised

React to this headline:

Loading spinner

What could a secure 6G network look like? Read More »

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot

bootkit, Don't miss, ESET, Hot stuff, News, Ransomware /

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot 2025-09-12 at 19:00 By Help Net Security ESET researchers have discovered HybridPetya, a bootkit-and-ransomware combo that’s a copycat of the infamous Petya/NotPetya malware, augmented with the capability of compromising UEFI-based systems and weaponizing CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. The sample was uploaded from

React to this headline:

Loading spinner

HybridPetya: (Proof-of-concept?) ransomware can bypass UEFI Secure Boot Read More »

CISA looks to partners to shore up the future of the CVE Program

CISA, CVE, Don't miss, Government, Hot stuff, MITRE, News, USA, vulnerability assessment /

CISA looks to partners to shore up the future of the CVE Program 2025-09-12 at 15:32 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defenders

React to this headline:

Loading spinner

CISA looks to partners to shore up the future of the CVE Program Read More »

Your heartbeat could reveal your identity, even in anonymized datasets

biometrics, data security, Don't miss, Features, hardware, healthcare, Hot stuff, News, Privacy, research, wearable tech /

Your heartbeat could reveal your identity, even in anonymized datasets 2025-09-12 at 09:12 By Mirko Zorz A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data

React to this headline:

Loading spinner

Your heartbeat could reveal your identity, even in anonymized datasets Read More »

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls

ACSC, Australia, Don't miss, Hot stuff, News, Ransomware, Rapid7, SonicWall, vulnerability /

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls 2025-09-11 at 18:25 By Zeljka Zorz Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September and earlier this year, the attackers are affiliates of the Akira

React to this headline:

Loading spinner

Akira ransomware affiliates continue breaching organizations via SonicWall firewalls Read More »

Default Cursor setting can be exploited to run malicious code on developers’ machines

Cursor, Don't miss, Hot stuff, News, Oasis Security, programming, software development, vulnerability /

Default Cursor setting can be exploited to run malicious code on developers’ machines 2025-09-11 at 14:02 By Zeljka Zorz An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned. An exploitable vulnerability in the Cursor AI editor Cursor is

React to this headline:

Loading spinner

Default Cursor setting can be exploited to run malicious code on developers’ machines Read More »

When typing becomes tracking: Study reveals widespread silent keystroke interception

data collection, data security, Don't miss, Features, Hot stuff, News, Privacy, research, surveillance /

When typing becomes tracking: Study reveals widespread silent keystroke interception 2025-09-11 at 09:17 By Mirko Zorz You type your email address into a website form but never hit submit. Hours later, a marketing email shows up in your inbox. According to new research, that is not a coincidence. A team of researchers from UC Davis,

React to this headline:

Loading spinner

When typing becomes tracking: Study reveals widespread silent keystroke interception Read More »

How attackers weaponize communications networks

BlackBerry, cybersecurity, data security, Don't miss, Features, Hot stuff, network, network monitoring, News, regulation, secure communications, telecommunications /

How attackers weaponize communications networks 2025-09-11 at 08:30 By Mirko Zorz In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He explains why attackers focus on these networks and how their motivations range from corporate espionage to geopolitical influence. The discussion

React to this headline:

Loading spinner

How attackers weaponize communications networks Read More »

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday

Adobe, Adobe ColdFusion, Don't miss, Hot stuff, Immersive, magento, News, Patch Tuesday, Sansec, SAP, security update, Tenable, Trend Micro, vulnerability /

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday 2025-09-10 at 13:56 By Zeljka Zorz On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microsoft

React to this headline:

Loading spinner

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday Read More »

Automated network pentesting uncovers what traditional tests missed

automation, cybersecurity, Don't miss, Hot stuff, network, News, patching, penetration testing, Vonahi Security /

Automated network pentesting uncovers what traditional tests missed 2025-09-10 at 11:45 By Zeljka Zorz Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities. A new report, based on over 50,000

React to this headline:

Loading spinner

Automated network pentesting uncovers what traditional tests missed Read More »

Fixing silent failures in security controls with adversarial exposure validation

Don't miss, Expert analysis, Expert corner, Hot stuff, News, Picus Security, report, security controls, Whitepapers and webinars /

Fixing silent failures in security controls with adversarial exposure validation 2025-09-10 at 08:16 By Help Net Security Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected, and SIEM rules are running. All good, right? Not so fast. Appearances can

React to this headline:

Loading spinner

Fixing silent failures in security controls with adversarial exposure validation Read More »

Plex tells users to change passwords due to data breach, pushes server owners to upgrade

data breach, Don't miss, Hot stuff, News, Plex Media Server, security update, streaming device, vulnerability /

Plex tells users to change passwords due to data breach, pushes server owners to upgrade 2025-09-09 at 19:42 By Zeljka Zorz Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor authentication. “An unauthorized third party accessed a limited subset of customer data from

React to this headline:

Loading spinner

Plex tells users to change passwords due to data breach, pushes server owners to upgrade Read More »

Scroll to Top