Week in review: The impact of a CVE-free future on cyber defense, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
What a future without CVEs means for cyber defense
For many cybersecurity professionals, the CVE program is the foundation for hands-on cybersecurity practice and crucial benchmarking of security preparedness.
May 2025 Patch Tuesday forecast: Panic, change, and hope
A bit of chaos ensued in the following weeks with the announcement that MITRE would no longer be supporting the CVE Program due to a contract expiration and funding cut.
UK retailers under cyber attack: Co-op member data compromised
UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks.
How CISOs can talk cybersecurity so it makes sense to executives
For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing and regulations tightening, that’s changing. Boards now expect CISOs to speak their language: risk, dollars, impact.
The many variants of the ClickFix social engineering tactic
As new malware delivery campaigns using the ClickFix social engineering tactic are spotted nearly every month, it’s interesting to see how the various attackers are trying to refine the two main elements: the lure and the “instruction” page.
Even the best safeguards can’t stop LLMs from being fooled
In this Help Net Security interview, Michael Pound, Associate Professor at the University of Nottingham shares his insights on the cybersecurity risks associated with LLMs.
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)
SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also been leveraged in the wild.
Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up.
PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on the underlying server.
LockBit hacked: What does the leaked data show?
The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations.
What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up processes, and getting everyone on the same page.
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.”
How OSINT supports financial crime investigations
In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime.
RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to its Known Exploited Vulnerabilities (KEV) catalog.
Cisco’s new chip wants to scale quantum computing faster
Cisco is making significant strides in quantum computing by focusing on quantum networking, aiming to bring practical applications closer to reality.
Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being leveraged by attackers.
Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable
A new report from bot defense firm Kasada has exposed the growing threat of ALTSRUS, a fraud syndicate targeting some of the most vulnerable corners of the digital economy.
How agentic AI and non-human identities are transforming cybersecurity
Within the average enterprise, non-human identities (NHIs) now outnumber employees, contractors, and customers by anything between 10-to-1 and 92-to-1.
Key tips to stay safe from deepfake and AI threats
In this Help Net Security video, Joshua McKenty, CEO of Polyguard, talks about how to protect yourself from deepfake and AI threats, which are getting harder to spot and easier to launch.
Review: Effective Vulnerability Management
Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk.
Ransomware spike exposes cracks in cloud security
90% of IT and security leaders said their organization experienced a cyberattack within the last year, according to a report by Rubrik.
Vuls: Open-source agentless vulnerability scanner
Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers secure.
Review: AI Agents in Action
If you’re trying to make sense of how to actually build AI agents, not just talk about them, AI Agents in Action might be for you.
1 in 3 workers keep AI use a secret
30% of employees who use GenAI tools at work worry their job may be cut and 27% experience AI-fueled imposter syndrome, saying they don’t want people to question their ability, according to Ivanti.
How cybercriminals exploit psychological triggers in social engineering attacks
Some people are easier to manipulate than others, but no matter how good we are in recognizing social engineering everyone could have a bad day and could let their guard down.
Wave of tech layoffs leads to more job scams
The tech industry is experiencing significant layoffs, leaving thousands of IT and cybersecurity professionals in search of new employment opportunities. Unfortunately, as these individuals search for new opportunities, scammers are actively preying on them.
Cybersecurity jobs available right now: May 6, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
Webinar: Securely migrating to the cloud
Whether your organization is already in the cloud or just starting to plan your migration, security is a top priority. This webinar will help you to better understand your options for cloud migration as well as learn how to prioritize cloud security and compliance before you’re even in the cloud using resources from the Center for Internet Security (CIS).
New infosec products of the week: May 9, 2025
Here’s a look at the most interesting products from the past week, featuring releases from ProcessUnity, Searchlight Cyber, ServiceNow, and Verosint.