Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

February 2025

Apple Xcode
The XCSSET info-stealing malware is back, targeting macOS users and devs

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in …

OSINT books
Unlocking OSINT: Top books to learn from

Discover the top Open-Source Intelligence (OSINT) books in this curated list. From investigative techniques to digital footprint analysis, these titles offer insights for …

PostgreSQL
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, …

Bitcoin
Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of …

Natalia Belaya
How CISOs can balance security and business agility in the cloud

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business …

Orbit
Orbit: Open-source Nuclei security scanning and automation platform

Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a …

AI
The hidden risks of a broken data provisioning system

In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security …

cybersecurity week in review
Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, …

vCISO
vCISOs are in high demand

Regardless of job title, 92% of executives stated they had some degree of confidence in their organization’s ability to meet compliance requirements and tackle advanced …

insider threat
New GRC and cyber risk strategies emphasize risk adaptability

MetricStream has unveiled its annual forecast of key trends shaping the future of GRC and Cyber GRC. These 2025 predictions offer a roadmap for building resilience strategies, …

Microsoft 365 phishing
Threat actors are using legitimate Microsoft feature to compromise M365 accounts

Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) …

Help Net Security
Grip Security unveils SSPM solution to strengthen SaaS security posture

Grip Security has unveiled its SaaS Security Posture Management (SSPM) solution, which proactively identifies misconfigurations, enforces best practices and strengthens SaaS …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools