Week in review

Week in review: 2 threat actors exploiting WinRAR 0-day, Microsoft fixes “BadSuccessor” Kerberos flaw 2025-08-17 at 12:29 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) The RomCom attackers aren’t the only ones that have been […]

React to this headline:

Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025 2025-08-10 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025 Black Hat USA 2025 took place at the Mandalay Bay Convention Center in Las Vegas. Explore

React to this headline:

Week in review: Food sector cybersecurity risks, cyber threats to space infrastructure 2025-08-03 at 10:07 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: LLM Engineer’s Handbook For all the excitement around LLMs, practical, engineering-focused guidance remains surprisingly hard to find. LLM Engineer’s Handbook

React to this headline:

Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job 2025-07-27 at 11:36 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft pins on-prem SharePoint attacks on Chinese threat actors As Microsoft continues to update its customer guidance for protecting on-prem

React to this headline:

Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb 2025-07-20 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, Google has patched

React to this headline:

Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation 2025-07-13 at 10:21 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 Patch Tuesday, Microsoft has released patches for 130

React to this headline:

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome 2025-07-06 at 11:09 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t recently updated the Sudo utility on your Linux

React to this headline:

Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched 2025-06-29 at 10:45 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux SecurityScorecard’s STRIKE team has uncovered a network of compromised

React to this headline:

Week in review: Keyloggers found on Outlook login pages, police shut down dark web drug market 2025-06-22 at 09:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers unearth keyloggers on Outlook login pages Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of

React to this headline:

Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers 2025-06-15 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including

React to this headline:

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast 2025-06-08 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout

React to this headline:

Week in review: NIST proposes new vulnerabilities metric, flaws in NASA’s open source software 2025-06-01 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerabilities found in NASA’s open source software Vulnerabilities in open source software developed and used in-house by NASA could

React to this headline:

Week in review: Trojanized KeePass allows ransomware attacks, cyber risks of AI hallucinations 2025-05-25 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Trojanized KeePass opens doors for ransomware attackers A suspected initial access broker has been leveraging trojanized versions of the open-source

React to this headline:

Week in review: Microsoft patches 5 actively exploited 0-days, recently fixed Chrome vulnerability exploited 2025-05-18 at 11:04 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patch Tuesday: Microsoft fixes 5 actively exploited zero-days On May 2025 Patch Tuesday, Microsoft has released security fixes for

React to this headline:

Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast 2025-05-11 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What a future without CVEs means for cyber defense For many cybersecurity professionals, the CVE program is the

React to this headline:

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference 2025-05-04 at 10:47 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in San Francisco. Check out our microsite for related news,

React to this headline:

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public 2025-04-27 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs MITRE has released the latest version of its ATT&CK framework,

React to this headline:

Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed 2025-04-20 at 11:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has released emergency security updates for iOS/iPadOS,

React to this headline:

Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed 2025-04-13 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is here, and Microsoft has delivered fixes

React to this headline:

Week in review: Probing activity on Palo Alto Networks GlobalProtect portals, Patch Tuesday forecast 2025-04-06 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are probing Palo Alto Networks GlobalProtect portals Cybersecurity company GreyNoise is warning about a significant increase of scanning

React to this headline: