News

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

0-day, backdoor, Citrix, Don't miss, Hot stuff, NetScaler, News, web shell /

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) 2025-08-26 at 16:35 By Zeljka Zorz Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed,” Citrix has confirmed, and released security […]

React to this headline:

Loading spinner

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) Read More »

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384)

CISA, Don't miss, Git, Hot stuff, News, PoC, software development, vulnerability /

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) 2025-08-26 at 13:47 By Zeljka Zorz CVE-2025-48384, a recently patched vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Details about the attacks are not public, but the confirmation of exploitation comes from the US Cybersecurity and Infrastructure Security

React to this headline:

Loading spinner

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) Read More »

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO

CISO, critical infrastructure, cyber risk, cybersecurity, Don't miss, embedded systems, Features, Hot stuff, News, opinion, Risk Management, strategy /

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO 2025-08-26 at 09:24 By Mirko Zorz Agriculture is a connected, software-driven industry where cybersecurity is just as essential as tractors and harvesters. From embedded hardware in smart fleets to defending against advanced persistent threats, protecting the agricultural supply chain requires a layered, collaborative approach.

React to this headline:

Loading spinner

Protecting farms from hackers: A Q&A with John Deere’s Deputy CISO Read More »

The energy sector has no time to wait for the next cyberattack

critical infrastructure, cybersecurity, Delinea, ENCS, energy sector, FBI, News, SecurityScorecard, SixMap, strategy, threat, Trustwave /

The energy sector has no time to wait for the next cyberattack 2025-08-26 at 08:57 By Sinisa Markovic The energy sector remains a major target for cybercriminals. Beyond disrupting daily routines, a power outage can undermine economic stability and public safety. Rising demand for electricity, fueled by technology and digital growth, only adds to the

React to this headline:

Loading spinner

The energy sector has no time to wait for the next cyberattack Read More »

LLMs at the edge: Rethinking how IoT devices talk and act

Artificial Intelligence, Don't miss, Features, Hot stuff, IEEE, Internet of Things, LLMs, networking, News, research, smart home, Sumo Logic /

LLMs at the edge: Rethinking how IoT devices talk and act 2025-08-26 at 08:01 By Mirko Zorz Anyone who has set up a smart home knows the routine: one app to dim the lights, another to adjust the thermostat, and a voice assistant that only understands exact phrasing. These systems call themselves smart, but in

React to this headline:

Loading spinner

LLMs at the edge: Rethinking how IoT devices talk and act Read More »

How to build a secure AI culture without shutting people down

Artificial Intelligence, cybersecurity, Don't miss, News, security awareness, security culture, Security Journey, strategy, tips, Video /

How to build a secure AI culture without shutting people down 2025-08-26 at 07:32 By Help Net Security In this Help Net Security video, Michael Burch, Director of Application Security at Security Journey, explains how organizations can build a secure AI culture. He highlights the risks of banning AI outright, the dangers of shadow AI,

React to this headline:

Loading spinner

How to build a secure AI culture without shutting people down Read More »

Cybersecurity jobs available right now: August 26, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: August 26, 2025 2025-08-26 at 07:18 By Sinisa Markovic Sr. Cybersecurity Analyst Aecon Group Inc. | USA | On-site – View job details As a Sr. Cybersecurity Analyst, you will lead cybersecurity and compliance efforts within construction operations, particularly those involving federal contracts and infrastructure projects. Senior Manager, Technology Operations

React to this headline:

Loading spinner

Cybersecurity jobs available right now: August 26, 2025 Read More »

ScreenConnect admins targeted with spoofed login alerts

Don't miss, Hot stuff, MFA, Mimecast, MITM, MSP, News, Sophos, spear-phishing /

ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have

React to this headline:

Loading spinner

ScreenConnect admins targeted with spoofed login alerts Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

React to this headline:

Loading spinner

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Why a new AI tool could change how we test insider threat defenses

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, Insider Threat, LLMs, News, research, Risk Management /

Why a new AI tool could change how we test insider threat defenses 2025-08-25 at 09:04 By Mirko Zorz Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that

React to this headline:

Loading spinner

Why a new AI tool could change how we test insider threat defenses Read More »

Why satellite cybersecurity threats matter to everyone

aerospace, CISO, cyber resilience, cyber risk, cybersecurity, Deloitte, Don't miss, Features, Hot stuff, News, opinion, strategy, tips, zero trust /

Why satellite cybersecurity threats matter to everyone 2025-08-25 at 08:34 By Mirko Zorz Satellites play a huge role in our daily lives, supporting everything from global communications to navigation, business, and national security. As space becomes more crowded and commercial satellite use grows, these systems are facing new cyber threats. The challenge is even greater

React to this headline:

Loading spinner

Why satellite cybersecurity threats matter to everyone Read More »

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux

backup, Don't miss, GitHub, News, open source, software /

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux 2025-08-25 at 08:21 By Help Net Security Kopia is an open-source backup and restore tool that lets you create encrypted snapshots of your files and store them in cloud storage, on a remote server, on network-attached storage, or on your own computer. It doesn’t create a

React to this headline:

Loading spinner

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux Read More »

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies

Artificial Intelligence, books, Don't miss, generative AI, Hot stuff, how-to, LLMs, machine learning, News, Review, Reviews, skill development, strategy, tips /

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies 2025-08-25 at 07:50 By Mirko Zorz Adversarial AI Attacks, Mitigations, and Defense Strategies shows how AI systems can be attacked and how defenders can prepare. It’s essentially a walkthrough of offensive and defensive approaches to AI security. About the author John Sotiropoulos is the Head Of AI

React to this headline:

Loading spinner

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies Read More »

Smart manufacturing demands workers with AI and cybersecurity skills

Artificial Intelligence, cybersecurity, digital transformation, manufacturing sector, News, report, Rockwell Automation, survey /

Smart manufacturing demands workers with AI and cybersecurity skills 2025-08-25 at 07:13 By Sinisa Markovic The manufacturing sector is entering a new phase of digital transformation. According to Rockwell Automation’s 10th Annual State of Smart Manufacturing Report, 56% of manufacturers are piloting smart manufacturing initiatives, 20% have deployed them at scale, and another 20% are

React to this headline:

Loading spinner

Smart manufacturing demands workers with AI and cybersecurity skills Read More »

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day

News, Week in review /

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day 2025-08-24 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Android VPN apps used by millions are covertly connected AND insecure Three families of Android VPN apps, with a

React to this headline:

Loading spinner

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day Read More »

China-linked Murky Panda targets and moves laterally through cloud services

APT, China, Cloud, CrowdStrike, cyber espionage, Don't miss, Hot stuff, News /

China-linked Murky Panda targets and moves laterally through cloud services 2025-08-22 at 17:33 By Zeljka Zorz In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to “China-nexus adversaries”, Murky Panda (aka Silk Typhoon) among them. Murky

React to this headline:

Loading spinner

China-linked Murky Panda targets and moves laterally through cloud services Read More »

Interpol operation seizes $97 million in African cybercrime sweep

arrest, cybercrime, Interpol, law enforcement, News /

Interpol operation seizes $97 million in African cybercrime sweep 2025-08-22 at 11:57 By Sinisa Markovic Authorities in Africa have arrested 1,209 people in an Interpol-led crackdown on cybercrime that targeted nearly 88,000 victims. 11,432 malicious infrastructures were dismantled during Operation Serengeti 2025 (Source: Interpol) Operation Serengeti 2.0 The operation, which ran from June to August

React to this headline:

Loading spinner

Interpol operation seizes $97 million in African cybercrime sweep Read More »

Five ways OSINT helps financial institutions to fight money laundering

Blackdot Solutions, cybersecurity, Don't miss, Expert analysis, Expert corner, financial industry, Hot stuff, News, opinion, OSINT, strategy, tips /

Five ways OSINT helps financial institutions to fight money laundering 2025-08-22 at 09:31 By Help Net Security Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. 1. Reveal complex networks and ownership structures Money launderers often use layered networks of offshore entities and shell companies

React to this headline:

Loading spinner

Five ways OSINT helps financial institutions to fight money laundering Read More »

AI gives ransomware gangs a deadly upgrade

Acronis, Artificial Intelligence, cybercrime, News, report, survey /

AI gives ransomware gangs a deadly upgrade 2025-08-22 at 09:00 By Sinisa Markovic Ransomware continues to be the major threat to large and medium-sized businesses, with numerous ransomware gangs abusing AI for automation, according to Acronis. Ransomware gangs maintain pressure on victims From January to June 2025, the number of publicly reported ransomware victims jumped

React to this headline:

Loading spinner

AI gives ransomware gangs a deadly upgrade Read More »

The new battleground for CISOs is human behavior

Artificial Intelligence, cyber resilience, cybersecurity, LevelBlue, News, report, social engineering, threats /

The new battleground for CISOs is human behavior 2025-08-22 at 08:40 By Anamarija Pogorelec Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only about one in four cybersecurity teams are effective at collaborating with the broader business (Source: LevelBlue)

React to this headline:

Loading spinner

The new battleground for CISOs is human behavior Read More »

Scroll to Top