Week in review

Week in review: Salesloft Drift breach investigation results, malicious GitHub Desktop installers 2025-09-14 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Salesloft Drift data breach: Investigation reveals how attackers got in The attack that resulted in the Salesloft Drift data breach started […]

React to this headline:

Week in review: Several companies affected by the Salesloft Drift breach, Sitecore 0-day vulnerability 2025-09-07 at 11:04 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach In the wake of last week’s revelation

React to this headline:

Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw 2025-08-31 at 13:37 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 Over 300,000 internet-facing Plex Media Server

React to this headline:

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day 2025-08-24 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Android VPN apps used by millions are covertly connected AND insecure Three families of Android VPN apps, with a

React to this headline:

Week in review: 2 threat actors exploiting WinRAR 0-day, Microsoft fixes “BadSuccessor” Kerberos flaw 2025-08-17 at 12:29 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) The RomCom attackers aren’t the only ones that have been

React to this headline:

Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025 2025-08-10 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025 Black Hat USA 2025 took place at the Mandalay Bay Convention Center in Las Vegas. Explore

React to this headline:

Week in review: Food sector cybersecurity risks, cyber threats to space infrastructure 2025-08-03 at 10:07 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: LLM Engineer’s Handbook For all the excitement around LLMs, practical, engineering-focused guidance remains surprisingly hard to find. LLM Engineer’s Handbook

React to this headline:

Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job 2025-07-27 at 11:36 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft pins on-prem SharePoint attacks on Chinese threat actors As Microsoft continues to update its customer guidance for protecting on-prem

React to this headline:

Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb 2025-07-20 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, Google has patched

React to this headline:

Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation 2025-07-13 at 10:21 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 Patch Tuesday, Microsoft has released patches for 130

React to this headline:

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome 2025-07-06 at 11:09 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t recently updated the Sudo utility on your Linux

React to this headline:

Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched 2025-06-29 at 10:45 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux SecurityScorecard’s STRIKE team has uncovered a network of compromised

React to this headline:

Week in review: Keyloggers found on Outlook login pages, police shut down dark web drug market 2025-06-22 at 09:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers unearth keyloggers on Outlook login pages Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of

React to this headline:

Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers 2025-06-15 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including

React to this headline:

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast 2025-06-08 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout

React to this headline:

Week in review: NIST proposes new vulnerabilities metric, flaws in NASA’s open source software 2025-06-01 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerabilities found in NASA’s open source software Vulnerabilities in open source software developed and used in-house by NASA could

React to this headline:

Week in review: Trojanized KeePass allows ransomware attacks, cyber risks of AI hallucinations 2025-05-25 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Trojanized KeePass opens doors for ransomware attackers A suspected initial access broker has been leveraging trojanized versions of the open-source

React to this headline:

Week in review: Microsoft patches 5 actively exploited 0-days, recently fixed Chrome vulnerability exploited 2025-05-18 at 11:04 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patch Tuesday: Microsoft fixes 5 actively exploited zero-days On May 2025 Patch Tuesday, Microsoft has released security fixes for

React to this headline:

Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast 2025-05-11 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What a future without CVEs means for cyber defense For many cybersecurity professionals, the CVE program is the

React to this headline:

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference 2025-05-04 at 10:47 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in San Francisco. Check out our microsite for related news,

React to this headline: