January 2024
Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)
A critical vulnerability in GitLab CE/EE (CVE-2023-7028) can be easily exploited by attackers to reset GitLab user account passwords. While also vulnerable, users who have …
Behavox Intelligent Archive simplifies operations for the unified tech stack
Behavox launched the Behavox Intelligent Archive. This new offering is WORM (Write Once, Read Many) compliant and seamlessly integrates with the Behavox surveillance product. …
HackerOne collaborates with Semgrep to streamline code review for modern development
HackerOne announced a partnership with code security solution, Semgrep, to combine Semgrep’s automated code security tools with expert support from HackerOne PullRequest …
Cloud security predictions for 2024
As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. …
New infosec products of the week: January 12, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Critical Start, Dasera, ID R&D, and SpecterOps. SpecterOps adds new Attack …
Cyber budgets and the VC landscape in 2024
In this Help Net Security video, Marcus Bartram, General Partner at Telstra Ventures, discusses his 2024 cybersecurity predictions: The U.S. will be in a recession by Q4 2024, …
LLM hype fades as enterprises embrace targeted AI models
2023 was the year of AI enterprise adoption, with 55% of organizations adopting AI into their workflows, according to a recent report from McKinsey & Co. This adoption …
Radiant Logic combines AI and data to reinvent the user access review process
Radiant Logic unveiled RadiantOne AI, its data lake powered Artificial Intelligence engine, and AIDA, its Generative AI Data Assistant. RadiantOne AI is designed to complement …
Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272)
Cisco has fixed a critical vulnerability (CVE-2024-20272) in Cisco Unity Connection that could allow an unauthenticated attacker to upload arbitrary files and gain root …
Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)
Two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers …
VicOne partners with BlackBerry to help detect cyberthreats to connected cars
VicOne announced a partnership with BlackBerry to strengthen the cybersecurity posture of the automotive ecosystem. By leveraging ML processing at the edge and …
Vanta appoints Jadee Hanson as CISO
Vanta announced that it has appointed Jadee Hanson as its CISO, overseeing Security, Enterprise Engineering, Privacy and Governance, Risk and Compliance (GRC), reporting …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM