News

Ransomware groups are multiplying, raising the stakes for defenders

cybercrime, cybersecurity, Malware, News, Ransomware, report, Searchlight Cyber /

Ransomware groups are multiplying, raising the stakes for defenders 2025-09-26 at 09:08 By Sinisa Markovic Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber shows how quickly the threat landscape is shifting and why CISOs need […]

React to this headline:

Loading spinner

Ransomware groups are multiplying, raising the stakes for defenders Read More »

Delinea releases free open-source MCP server to secure AI agents

agentic AI, Artificial Intelligence, cybersecurity, Delinea, GitHub, News, open source, software /

Delinea releases free open-source MCP server to secure AI agents 2025-09-26 at 08:06 By Sinisa Markovic AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or passed around without proper oversight. Delinea wants to fix

React to this headline:

Loading spinner

Delinea releases free open-source MCP server to secure AI agents Read More »

How agentic AI is changing the SOC

agentic AI, Artificial Intelligence, Don't miss, Lumifi, News, security operations, SOC, Video /

How agentic AI is changing the SOC 2025-09-26 at 07:48 By Help Net Security In this Help Net Security video, David Norlin, CTO of Lumifi, explores the role of agentic AI in the security operations center (SOC). He explains what agentic AI is, how it can enhance cybersecurity workflows by automating repetitive tasks, and why

React to this headline:

Loading spinner

How agentic AI is changing the SOC Read More »

Infosec products of the month: September 2025

Absolute Security, Blackdot Solutions, Catchpoint, Cynomi, DataLocker, Gigamon, Lookout, Nagomi Security, Neon Cyber, News, QuSecure, Relyance AI, Secure Code Warrior, Teleport /

Infosec products of the month: September 2025 2025-09-26 at 07:22 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from: Absolute Security, Blackdot Solutions, Catchpoint, Cynomi, DataLocker, Gigamon, Lookout, Nagomi Security, Neon Cyber, QuSecure, Relyance AI, Secure Code Warrior, and Teleport. Cynomi simplifies vendor risk management Cynomi’s

React to this headline:

Loading spinner

Infosec products of the month: September 2025 Read More »

European Windows 10 users get an additional year of free security updates

consumer, Don't miss, Europe, Hot stuff, Microsoft, News, security update, Windows /

European Windows 10 users get an additional year of free security updates 2025-09-25 at 21:26 By Zeljka Zorz Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up their settings, apps, or credentials to

React to this headline:

Loading spinner

European Windows 10 users get an additional year of free security updates Read More »

Microsoft spots LLM-obfuscated phishing attack

Don't miss, Hot stuff, LLMs, malware detection, Microsoft, News, phishing /

Microsoft spots LLM-obfuscated phishing attack 2025-09-25 at 19:00 By Zeljka Zorz Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, lookalike/fake websites, and malware. There’s even been a documented instance of an attacker using the agentic AI coding assistant Claude Code (along with Kali Linux)

React to this headline:

Loading spinner

Microsoft spots LLM-obfuscated phishing attack Read More »

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

0-day, Cisco, Don't miss, enterprise, Hot stuff, News, security update, SMBs /

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) 2025-09-25 at 15:33 By Zeljka Zorz Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About CVE-2025-20352 Cisco IOS software can be found on older models of Cisco Catalyst switches, Integrated

React to this headline:

Loading spinner

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352) Read More »

North Korean IT workers use fake profiles to steal crypto

Cryptocurrency, cybercrime, cybercriminals, Don't miss, ESET, fraud, News, North Korea /

North Korean IT workers use fake profiles to steal crypto 2025-09-25 at 12:04 By Sinisa Markovic ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses on stealing cryptocurrency. It targets freelance developers working on Windows, Linux, and macOS systems.

React to this headline:

Loading spinner

North Korean IT workers use fake profiles to steal crypto Read More »

Predicting DDoS attacks: How deep learning could give defenders an early warning

attacks, botnet, cybercrime, cybersecurity, DDoS, Don't miss, Internet of Things, News, research, threats /

Predicting DDoS attacks: How deep learning could give defenders an early warning 2025-09-25 at 10:12 By Sinisa Markovic Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway. New research suggests that predicting DDoS attacks in advance may

React to this headline:

Loading spinner

Predicting DDoS attacks: How deep learning could give defenders an early warning Read More »

$439 million recovered in global financial crime crackdown

cybercrime, Interpol, law enforcement, News /

$439 million recovered in global financial crime crackdown 2025-09-25 at 10:12 By Anamarija Pogorelec Authorities around the world have recovered $439 million from criminals following a months-long operation led by INTERPOL. The effort, called HAECHI VI, ran from April through August 2025 and involved police in 40 countries and territories working together to track and

React to this headline:

Loading spinner

$439 million recovered in global financial crime crackdown Read More »

The fight to lock down drones and their supply chains

cybersecurity, drones, Government, News, strategy, threats /

The fight to lock down drones and their supply chains 2025-09-25 at 10:12 By Sinisa Markovic Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological capabilities, we need to be aware of the risks they bring. Drones as a new attack

React to this headline:

Loading spinner

The fight to lock down drones and their supply chains Read More »

New framework sets baseline for SaaS security controls

AppOmni, cloud security, Cloud Security Alliance, enterprise, framework, GuidePoint Security, MongoDB, News, SaaS /

New framework sets baseline for SaaS security controls 2025-09-25 at 10:12 By Anamarija Pogorelec Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk processes only look at the vendor’s overall security, not the app itself. That

React to this headline:

Loading spinner

New framework sets baseline for SaaS security controls Read More »

GenAI is exposing sensitive data at scale

Artificial Intelligence, Concentric AI, cybersecurity, Data leak, data security, generative AI, News, report, survey /

GenAI is exposing sensitive data at scale 2025-09-25 at 07:46 By Anamarija Pogorelec Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating serious problems for security teams. The findings show how generative AI tools like Microsoft Copilot are adding

React to this headline:

Loading spinner

GenAI is exposing sensitive data at scale Read More »

AI is rewriting the rules of cyber defense

Artificial Intelligence, cybercriminals, cybersecurity, Lenovo, News, report /

AI is rewriting the rules of cyber defense 2025-09-25 at 07:01 By Anamarija Pogorelec Enterprise security teams are underprepared to detect new, adaptive AI-powered threats. The study, published by Lenovo, surveyed 600 IT leaders across major markets and shows widespread concern about external and internal risks, along with low confidence in current defenses. External AI

React to this headline:

Loading spinner

AI is rewriting the rules of cyber defense Read More »

US Secret Service Blocks Massive Telecom Attack in New York

Emerging Threats, Government, News /

US Secret Service Blocks Massive Telecom Attack in New York 2025-09-24 at 19:44 By Karl Sigler The Secret Service’s takedown in New York shines a light on a type of threat that is technically fascinating and deeply concerning for national security: large-scale cellular interception networks leveraging cell-site simulators (CSS), also known as IMSI catchers or

React to this headline:

Loading spinner

US Secret Service Blocks Massive Telecom Attack in New York Read More »

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)

Don't miss, Hot stuff, News, patch, SolarWinds, vulnerability /

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) 2025-09-24 at 19:44 By Zeljka Zorz SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While the vulnerability is currently not being leveraged by attackers, they might soon reverse-engineer the

React to this headline:

Loading spinner

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399) Read More »

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

0-day, Don't miss, email security, government-backed attacks, Hot stuff, Libraesva, News, security update /

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689) 2025-09-24 at 15:17 By Zeljka Zorz Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE-2025-59689 CVE-2025-59689 is a command injection vulnerability caused by improper sanitization when removing active code from files

React to this headline:

Loading spinner

Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689) Read More »

€100M crypto scam busted: Five arrested in Europe-wide operation

arrest, Cryptocurrency, cybercrime, EU, Europe, Europol, fraud, law enforcement, News /

€100M crypto scam busted: Five arrested in Europe-wide operation 2025-09-24 at 13:18 By Anamarija Pogorelec A cross-border cryptocurrency scam has left investors across Europe with losses of more than €100 million. Authorities in several countries worked together to shut down the operation and arrest those behind it. How the scheme worked The fraudsters ran what

React to this headline:

Loading spinner

€100M crypto scam busted: Five arrested in Europe-wide operation Read More »

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools

Don't miss, Hot stuff, Kali Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools 2025-09-24 at 12:19 By Zeljka Zorz OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images

React to this headline:

Loading spinner

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools Read More »

Building a stronger SOC through AI augmentation

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, LLMs, News, OpenText, SOC, strategy /

Building a stronger SOC through AI augmentation 2025-09-24 at 09:22 By Mirko Zorz In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems, AI helps

React to this headline:

Loading spinner

Building a stronger SOC through AI augmentation Read More »

Scroll to Top