Hot stuff

Sanctions won’t stop cyberattacks, but they can still “bite”

Sanctions won’t stop cyberattacks, but they can still “bite” 2025-10-29 at 16:58 By Zeljka Zorz Sanctions are one of the tools Western governments use when they want to hit back at state-sponsored cyber threat actors. But do they actually work? That’s the question a group of current and former cybersecurity officials, analysts, and researchers tackled […]

Sanctions won’t stop cyberattacks, but they can still “bite” Read More »

Python Foundation rejects US government grant earmarked for security improvements

Python Foundation rejects US government grant earmarked for security improvements 2025-10-29 at 14:23 By Zeljka Zorz The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its community, the programming non-profit announced on Monday. “In January 2025, the PSF

Python Foundation rejects US government grant earmarked for security improvements Read More »

AI agents can leak company data through simple web searches

AI agents can leak company data through simple web searches 2025-10-29 at 10:24 By Mirko Zorz When a company deploys an AI agent that can search the web and access internal documents, most teams assume the agent is simply working as intended. New research shows how that same setup can be used to quietly pull

AI agents can leak company data through simple web searches Read More »

Early reporting helps credit unions stop fraudulent transfers faster

Early reporting helps credit unions stop fraudulent transfers faster 2025-10-29 at 08:48 By Mirko Zorz In this Help Net Security interview, Carl Scaffidi, CISO at VyStar Credit Union, discusses how credit unions are adapting to an evolving fraud landscape and strengthening payment security. As cybercriminals leverage social engineering and AI-driven tactics, Scaffidi explains how innovation

Early reporting helps credit unions stop fraudulent transfers faster Read More »

Product showcase: Syteca – The human-centric insider threat management platform

Product showcase: Syteca – The human-centric insider threat management platform 2025-10-29 at 08:00 By Help Net Security Most organizations think the greatest danger lurks outside their walls. But statistics keep proving otherwise. According to Verizon’s 2025 Data Breach Investigation Report, 60% of breaches involve the human element. The real risk often comes from within –

Product showcase: Syteca – The human-centric insider threat management platform Read More »

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) 2025-10-28 at 19:27 By Zeljka Zorz A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to redirect Internet traffic to potentially malicious sites, distribute malware, or intercept network

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778) Read More »

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign 2025-10-28 at 16:28 By Zeljka Zorz CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the malware’s code and the campaign’s infrastructure

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign Read More »

Managing legacy medical devices that can no longer be patched

Managing legacy medical devices that can no longer be patched 2025-10-28 at 10:22 By Mirko Zorz In this Help Net Security interview, Patty Ryan, Senior Director and CISO at QuidelOrtho, discusses how the long lifecycles of medical devices impact cybersecurity in healthcare environments. She explains how organizations can protect legacy systems, collaborate with vendors, and

Managing legacy medical devices that can no longer be patched Read More »

eBook: A quarter century of Active Directory

eBook: A quarter century of Active Directory 2025-10-27 at 16:57 By Help Net Security Active Directory (AD) remains the backbone of enterprise identity and a prime target for attackers. Explore its 25-year history, evolving risks, and how organizations can modernize password security. This eBook shows why AD defenses must evolve and how to stop credential-based

eBook: A quarter century of Active Directory Read More »

Ransomware, extortion groups adapt as payment rates reach historic lows

Ransomware, extortion groups adapt as payment rates reach historic lows 2025-10-27 at 15:12 By Zeljka Zorz Ransomware groups are facing an economic downturn of their own: In Q3 2025, only 23 percent of victims paid a ransom, and for data theft incidents that involved no encryption, the payment rate dropped to just 19 percent, according

Ransomware, extortion groups adapt as payment rates reach historic lows Read More »

Can your earbuds recognize you? Researchers are working on it

Can your earbuds recognize you? Researchers are working on it 2025-10-27 at 09:05 By Mirko Zorz Biometric authentication has moved from fingerprints to voices to facial scans, but a team of researchers believes the next step could be inside the ear. New research explores how the ear canal’s unique acoustic properties can be used to

Can your earbuds recognize you? Researchers are working on it Read More »

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) 2025-10-24 at 15:38 By Zeljka Zorz Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild. About CVE-2025-59287 WSUS is a tool that helps

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) Read More »

Microsoft blocks risky file previews in Windows File Explorer

Microsoft blocks risky file previews in Windows File Explorer 2025-10-24 at 15:38 By Zeljka Zorz Along with fixing many code-based vulnerabilities, the October 2025 Windows updates also change how File Explorer handles files downloaded from the internet. The change affects the file management tool’s Preview Pane, which lets users see the contents of a file

Microsoft blocks risky file previews in Windows File Explorer Read More »

Researchers expose large-scale YouTube malware distribution network

Researchers expose large-scale YouTube malware distribution network 2025-10-23 at 17:37 By Zeljka Zorz Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost Network.” The network published more than 3,000 videos across compromised or fake channels, luring viewers with game cheats, cracked

Researchers expose large-scale YouTube malware distribution network Read More »

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) 2025-10-23 at 17:10 By Zeljka Zorz CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) warned on Wednesday. According to information received

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) Read More »

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236)

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236) 2025-10-23 at 14:39 By Zeljka Zorz Attackers are trying to exploit CVE-2025-54236, a critical vulnerability affecting Adobe Commerce and Magento Open Source, Sansec researchers have warned. The company blocked over 250 exploitation attempts targeting multiple stores on Wednesday, and expects the attacks to continue at pace. About

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236) Read More »

Faster LLM tool routing comes with new security considerations

Faster LLM tool routing comes with new security considerations 2025-10-23 at 09:23 By Sinisa Markovic Large language models depend on outside tools to perform real-world tasks, but connecting them to those tools often slows them down or causes failures. A new study from the University of Hong Kong proposes a way to fix that. The

Faster LLM tool routing comes with new security considerations Read More »

Attackers target retailers’ gift card systems using cloud-only techniques

Attackers target retailers’ gift card systems using cloud-only techniques 2025-10-22 at 17:12 By Zeljka Zorz A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and

Attackers target retailers’ gift card systems using cloud-only techniques Read More »

Attackers turn trusted OAuth apps into cloud backdoors

Attackers turn trusted OAuth apps into cloud backdoors 2025-10-22 at 15:43 By Zeljka Zorz Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or

Attackers turn trusted OAuth apps into cloud backdoors Read More »

Scroll to Top