Hot stuff

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354) 2025-11-06 at 17:16 By Zeljka Zorz Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of […]

Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354) Read More »

SonicWall cloud backup hack was the work of a state actor

SonicWall cloud backup hack was the work of a state actor 2025-11-06 at 15:30 By Zeljka Zorz Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated

SonicWall cloud backup hack was the work of a state actor Read More »

OpenGuardrails: A new open-source model aims to make AI safer for real-world use

OpenGuardrails: A new open-source model aims to make AI safer for real-world use 2025-11-06 at 10:28 By Mirko Zorz When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful

OpenGuardrails: A new open-source model aims to make AI safer for real-world use Read More »

Google uncovers malware using LLMs to operate and evade detection

Google uncovers malware using LLMs to operate and evade detection 2025-11-05 at 20:53 By Zeljka Zorz PromptLock, the AI-powered proof-of-concept ransomware developed by researchers at NYU Tandon and initially mistaken for an active threat by ESET, is no longer an isolated example: Google’s latest report shows attackers are now creating and deploying other malware that

Google uncovers malware using LLMs to operate and evade detection Read More »

Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)

Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703) 2025-11-05 at 14:59 By Zeljka Zorz On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing and remote access platforms, and CVE-2025-48703, a vulnerability in Control Web Panel (CWP), a web hosting control panel designed for

Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703) Read More »

PortGPT: How researchers taught an AI to backport security patches automatically

PortGPT: How researchers taught an AI to backport security patches automatically 2025-11-05 at 09:07 By Mirko Zorz Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that

PortGPT: How researchers taught an AI to backport security patches automatically Read More »

Connected homes: Is bystander privacy anyone’s responsibility?

Connected homes: Is bystander privacy anyone’s responsibility? 2025-11-05 at 09:07 By Sinisa Markovic Smart doorbells, connected cameras, and home monitoring systems have become common sights on doorsteps and living rooms. They promise safety and convenience, but they also raise a problem. These devices record more than their owners. They capture neighbors, visitors, and anyone passing

Connected homes: Is bystander privacy anyone’s responsibility? Read More »

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware 2025-11-04 at 15:04 By Zeljka Zorz A ransomware negotiator and an incident response manager have been indicted in Florida for allegedly conspiring to deploy the ALPHV/BlackCat ransomware against multiple US companies and extorting nearly $1.3 million from one of the victims. According to a federal

Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware Read More »

How nations build and defend their cyberspace capabilities

How nations build and defend their cyberspace capabilities 2025-11-04 at 11:54 By Mirko Zorz In this Help Net Security interview, Dr. Bernhards Blumbergs, Lead Cyber Security Expert at CERT.LV, discusses how cyberspace has become an integral part of national and military operations. He explains how countries develop capabilities to act and defend in this domain,

How nations build and defend their cyberspace capabilities Read More »

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI 2025-11-03 at 18:13 By Help Net Security The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories. Teams are buried under overlapping feeds, inconsistent

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI Read More »

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military 2025-11-03 at 15:57 By Zeljka Zorz A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military Read More »

A new way to think about zero trust for workloads

A new way to think about zero trust for workloads 2025-11-03 at 09:10 By Mirko Zorz Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on

A new way to think about zero trust for workloads Read More »

Securing real-time payments without slowing them down

Securing real-time payments without slowing them down 2025-11-03 at 08:00 By Mirko Zorz In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Singh also touches on

Securing real-time payments without slowing them down Read More »

CISA and partners take action as Microsoft Exchange security risks mount

CISA and partners take action as Microsoft Exchange security risks mount 2025-10-31 at 19:32 By Zeljka Zorz In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of Microsoft Exchange Server. Microsoft Exchange servers are

CISA and partners take action as Microsoft Exchange security risks mount Read More »

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) 2025-10-31 at 17:09 By Zeljka Zorz A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf Labs assesses with high confidence that [the campaign they detected]

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491) Read More »

Shadow AI: New ideas emerge to tackle an old problem in new form

Shadow AI: New ideas emerge to tackle an old problem in new form 2025-10-31 at 09:13 By Zeljka Zorz Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe,

Shadow AI: New ideas emerge to tackle an old problem in new form Read More »

You can’t audit how AI thinks, but you can audit what it does

You can’t audit how AI thinks, but you can audit what it does 2025-10-31 at 08:30 By Mirko Zorz In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging

You can’t audit how AI thinks, but you can audit what it does Read More »

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) 2025-10-30 at 15:46 By Zeljka Zorz Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) Read More »

How neighbors could spy on smart homes

How neighbors could spy on smart homes 2025-10-30 at 13:34 By Mirko Zorz Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment could learn personal details about a household without breaking any encryption. By monitoring the wireless

How neighbors could spy on smart homes Read More »

Scroll to Top