Hot stuff

Why stolen credentials remain cybercriminals’ tool of choice

credentials, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, N-able, News, opinion, passwords /

Why stolen credentials remain cybercriminals’ tool of choice 2025-07-31 at 09:26 By Help Net Security It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household classic that wasn’t invented to be elegant or high tech. It […]

React to this headline:

Loading spinner

Why stolen credentials remain cybercriminals’ tool of choice Read More »

New AI model offers faster, greener way for vulnerability detection

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, research, vulnerability assessment /

New AI model offers faster, greener way for vulnerability detection 2025-07-31 at 08:33 By Mirko Zorz A team of researchers has developed a new AI model, called White-Basilisk, that detects software vulnerabilities more efficiently than much larger systems. The model’s release comes at a time when developers and security teams face mounting pressure to secure

React to this headline:

Loading spinner

New AI model offers faster, greener way for vulnerability detection Read More »

Artemis: Open-source modular vulnerability scanner

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanner, scanning, software, vulnerability assessment /

Artemis: Open-source modular vulnerability scanner 2025-07-30 at 09:00 By Mirko Zorz Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most important feature of the tool is report generation. Besides scanning, it

React to this headline:

Loading spinner

Artemis: Open-source modular vulnerability scanner Read More »

Fighting AI with AI: How Darwinium is reshaping fraud defense

Artificial Intelligence, authentication, automation, Black Hat USA 2025, CISO, cybersecurity, Darwinium, Don't miss, enterprise, Features, fraud, Hot stuff, LLMs, News, opinion, strategy, tips /

Fighting AI with AI: How Darwinium is reshaping fraud defense 2025-07-29 at 16:07 By Mirko Zorz AI agents are showing up in more parts of the customer journey, from product discovery to checkout. And fraudsters are also putting them to work, often with alarming success. In response, cyberfraud prevention leader Darwinium is launching two AI-powered

React to this headline:

Loading spinner

Fighting AI with AI: How Darwinium is reshaping fraud defense Read More »

Why behavioral intelligence is becoming the bank fraud team’s best friend

BioCatch, cybersecurity, Don't miss, enterprise, Features, financial industry, fraud, Hot stuff, News, social engineering, social media /

Why behavioral intelligence is becoming the bank fraud team’s best friend 2025-07-29 at 09:03 By Mirko Zorz In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how banks are using behavioral biometrics, device fingerprinting, and network intelligence to enhance fraud

React to this headline:

Loading spinner

Why behavioral intelligence is becoming the bank fraud team’s best friend Read More »

Ransomware will thrive until we change our strategy

BH Consulting, Brian Honan, cyber resilience, cybercrime, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, law enforcement, News, opinion, Ransomware, regulation, strategy /

Ransomware will thrive until we change our strategy 2025-07-29 at 08:36 By Help Net Security We have reached a stage where ransomware isn’t simply a cybercrime issue: it is now clearly a business disruptor, a threat to societal trust, and increasingly, a national security crisis. As James Babbage, Director General (Threats) at the UK’s National

React to this headline:

Loading spinner

Ransomware will thrive until we change our strategy Read More »

The final frontier of cybersecurity is now in space

critical infrastructure, cybersecurity, Don't miss, EU, Features, Hot stuff, News, strategy, USA /

The final frontier of cybersecurity is now in space 2025-07-29 at 08:11 By Sinisa Markovic As the space sector becomes more commercial and military-focused, these assets are becoming attractive targets. The global space economy is booming and is expected to increase from $630 billion in 2023 to $1.8 trillion by 2035. This means the need

React to this headline:

Loading spinner

The final frontier of cybersecurity is now in space Read More »

Your supply chain security strategy might be missing the biggest risk

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Imprivata, News, opinion, Risk Management, strategy, supply chain /

Your supply chain security strategy might be missing the biggest risk 2025-07-28 at 09:03 By Help Net Security Third-party involvement in data breaches has doubled this year from 15 percent to nearly 30 percent. In response, many organizations have sharpened their focus on third-party risk management, carefully vetting the security practices of their vendors. However,

React to this headline:

Loading spinner

Your supply chain security strategy might be missing the biggest risk Read More »

The legal minefield of hacking back

bug bounty, CISO, cybersecurity, Don't miss, Features, framework, hacking, Hot stuff, ImmuneFi, law, News, opinion, strategy, tips /

The legal minefield of hacking back 2025-07-28 at 08:57 By Mirko Zorz In this Help Net Security interview, Gonçalo Magalhães, Head of Security at Immunefi, discusses the legal and ethical implications of hacking back in cross-border cyber incidents. He warns that offensive cyber actions risk violating international law, escalating conflicts, and harming innocent third parties.

React to this headline:

Loading spinner

The legal minefield of hacking back Read More »

Review: LLM Engineer’s Handbook

Artificial Intelligence, books, Don't miss, Hot stuff, News, Review, Reviews, skill development /

Review: LLM Engineer’s Handbook 2025-07-28 at 07:34 By Mirko Zorz For all the excitement around LLMs, practical, engineering-focused guidance remains surprisingly hard to find. LLM Engineer’s Handbook aims to fill that gap. About the authors Paul Iusztin is a Senior AI Engineer and founder of Decoding ML, a channel for content on learning how to

React to this headline:

Loading spinner

Review: LLM Engineer’s Handbook Read More »

Digital sovereignty becomes a matter of resilience for Europe

Compliance, cybersecurity, Don't miss, EU, Europe, Features, Hot stuff, News, open source, regulation, Wire /

Digital sovereignty becomes a matter of resilience for Europe 2025-07-25 at 08:37 By Mirko Zorz In this Help Net Security interview, Benjamin Schilz, CEO of Wire, discusses Europe’s push for digital sovereignty through initiatives like Gaia-X and the EU AI Act. As the continent redefines its technological future, the focus shifts from regulation to building

React to this headline:

Loading spinner

Digital sovereignty becomes a matter of resilience for Europe Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

React to this headline:

Loading spinner

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)

Don't miss, Google Cloud, Hot stuff, News, SonicWall, vulnerability /

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) 2025-07-24 at 13:19 By Zeljka Zorz Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being

React to this headline:

Loading spinner

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) Read More »

Why outsourcing cybersecurity is rising in the Adriatic region

CISO, cybersecurity, cybersecurity talent, Don't miss, EU, Exclusive Networks, Features, Hot stuff, News, regulation, skill development, training /

Why outsourcing cybersecurity is rising in the Adriatic region 2025-07-24 at 11:57 By Mirko Zorz In this Help Net Security interview, Aleksandar Stančin, Board Member Adriatics, Exclusive Networks, discusses the state of cybersecurity in the Adriatic region. He talks about how local markets often lag behind EU regulations, despite facing threats comparable to those in

React to this headline:

Loading spinner

Why outsourcing cybersecurity is rising in the Adriatic region Read More »

Microsoft rolls out Windows 11 “quick recovery” feature

automation, consumer, Don't miss, enterprise, Hot stuff, News, SMBs, Windows /

Microsoft rolls out Windows 11 “quick recovery” feature 2025-07-23 at 18:31 By Zeljka Zorz With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown during an unexpected

React to this headline:

Loading spinner

Microsoft rolls out Windows 11 “quick recovery” feature Read More »

Maximum severity Cisco ISE vulnerabilities exploited by attackers

access control, Cisco, Don't miss, Hot stuff, identity services, News, vulnerability /

Maximum severity Cisco ISE vulnerabilities exploited by attackers 2025-07-23 at 16:20 By Zeljka Zorz One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) – a

React to this headline:

Loading spinner

Maximum severity Cisco ISE vulnerabilities exploited by attackers Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

React to this headline:

Loading spinner

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

Product showcase: iStorage diskAshur PRO3

backup, Data Protection, Don't miss, Encryption, hardware, Hot stuff, iStorage, News, Product showcase, storage /

Product showcase: iStorage diskAshur PRO3 2025-07-22 at 10:13 By Anamarija Pogorelec Data breaches seem to pop up in the news every other week, so it’s no surprise that keeping sensitive information safe has jumped to the top of the priority list for just about every industry. Hardware-encrypted drives like the iStorage diskAshur PRO3 address this

React to this headline:

Loading spinner

Product showcase: iStorage diskAshur PRO3 Read More »

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

CrushFTP, Don't miss, enterprise, exploit, file-sharing, Hot stuff, News, Rapid7, Shadowserver, SMBs, vulnerability /

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) 2025-07-21 at 15:42 By Zeljka Zorz Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to

React to this headline:

Loading spinner

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) Read More »

How to land your first job in cybersecurity

Artificial Intelligence, cybersecurity, cybersecurity jobs, DirectDefense, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, tips /

How to land your first job in cybersecurity 2025-07-21 at 09:54 By Help Net Security According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder than ever for qualified candidates to stand out. The industry has become highly

React to this headline:

Loading spinner

How to land your first job in cybersecurity Read More »

Scroll to Top