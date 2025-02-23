Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers.

Unlocking OSINT: Top books to learn from

Discover the top Open-Source Intelligence (OSINT) books in this curated list.

Mastering the cybersecurity tightrope of protection, detection, and response

In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation.

PRevent: Open-source tool to detect malicious code in pull requests

Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static code analysis tools.

Unknown and unsecured: The risks of poor asset visibility

In this Help Net Security interview, Juliette Hudson, CTO of CybaVerse, discusses why asset visibility remains a critical cybersecurity challenge.

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety of brands than ever before, Netcraft researchers are warning.

The risks of autonomous AI in machine-to-machine interactions

In this Help Net Security, Oded Hareven, CEO of Akeyless Security, discusses how enterprises should adapt their cybersecurity strategies to address the growing need for machine-to-machine (M2M) security.

Attackers are chaining flaws to breach Palo Alto Networks firewalls

Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up.

How CISOs can balance security and business agility in the cloud

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize.

BlackLock ransomware onslaught: What to expect and how to fight it

BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest.

Kunai: Open-source threat hunting tool for Linux

Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments.

The XCSSET info-stealing malware is back, targeting macOS users and devs

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers.

Orbit: Open-source Nuclei security scanning and automation platform

Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings.

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week.

6 considerations for 2025 cybersecurity investment decisions

Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the expanding attack surface, cybersecurity risks evolve, and defenders need to mitigate them.

VC-backed cybersecurity startups and the exit crunch

In this Help Net Security video, Mark Kraynak, Founding Partner at Acrew Capital, breaks down the Exit Escape Velocity for Cybersecurity Startups report to explore the challenges of IPOs and M&A deals in the post-COVID era.

Cyber hygiene habits that many still ignore

Cybersecurity advice is everywhere. We’re constantly reminded to update our passwords, enable two-factor authentication, and avoid clicking suspicious links. Yet, beneath these practical steps lie deeper cyber hygiene habits that, despite their importance, are frequently overlooked.

The hidden risks of a broken data provisioning system

In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders.

300% increase in endpoint malware detections

The third quarter of 2024 saw a dramatic shift in the types of malware detected at network perimeters, according to a new WatchGuard report.

Cybercriminals shift focus to social media as attacks reach historic highs

A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024.

How to secure Notes on iOS and macOS

Apple allows you to lock your notes using your iPhone passcode or a separate password, ensuring your private information stays protected across all your Apple devices, including iOS and macOS.

iOS 18 settings to lock down your privacy and security

Enhancing your security and privacy on iOS 18 involves configuring various settings to control access to your personal data and device features. Here are 12 essential settings to consider.

Cybersecurity jobs available right now: February 18, 2025

We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field, with opportunities available both in the USA and around the world. Check out this weekly selection of cybersecurity jobs available right now.

Balancing cloud security with performance and availability

The Center for Internet Security (CIS) understands how much you value performance and availability in your business’s cloud environments. It also recognizes how cloud security resources mean little if they don’t work for you and your business’s priorities, including cloud performance and availability.

New infosec products of the week: February 21, 2025

Here’s a look at the most interesting products from the past week, featuring releases from 1Password, Fortinet, Pangea, Privacera, and Veeam Software.