January 2025
ExtensionHound: Open-source tool for Chrome extension DNS forensics
Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. …
89% of AI-powered APIs rely on insecure authentication mechanisms
APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, …
How to use Hide My Email to protect your inbox from spam
Hide My Email is a service that comes with iCloud+, Apple’s subscription-based service. It allows users to generate one-time-use or reusable email addresses that forward …
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, …
Swimlane Vulnerability Response Management offers risk-based prioritization
Swimlane announced Vulnerability Response Management (VRM) Solution that extends beyond siloed vulnerability management by offering risk-based prioritization, exploit …
DeepSeek’s popularity exploited by malware peddlers, scammers
As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of …
authID PrivacyKey protects users’ biometric identities
authID released PrivacyKey, a solution for protecting user biometric data while also avoiding all the compliance issues and risks related to biometric information storage. …
Bitwarden centralizes cryptographic key management
Bitwarden announced it has strengthened its Password Manager with secure shell management (SSH). This update centralizes cryptographic key management, enabling secure storage, …
Absolute Resilience Platform updates improve resilience across endpoints
Absolute Security announced that the Absolute Resilience Platform has expanded to provide customers with integrated, resilient, and automated patch management, vulnerability …
How Lazarus Group built a cyber espionage empire
Since September 2024, SecurityScorecard’s STRIKE team has been investigating Lazarus Group’s activity, uncovering key details about their infrastructure. Despite …
Cyberhaven for AI provides visibility into AI tool usage
Cyberhaven launched Cyberhaven for AI, a solution that enables enterprises to securely adopt generative AI while protecting sensitive corporate data. The announcement comes as …
Preparing financial institutions for the next generation of cyber threats
In this Help Net Security interview, James Mirfin, SVP and Head of Risk and Identity Solutions at Visa, discusses key priorities for leaders combating fraud, the …
Featured news
Resources
Don't miss
- How neighbors could spy on smart homes
- How the City of Toronto embeds security across governance and operations
- Hottest cybersecurity open-source tools of the month: October 2025
- OpenAI’s gpt-oss-safeguard enables developers to build safer AI
- Sanctions won’t stop cyberattacks, but they can still “bite”