June 2025

Cloud and AI drive efficiency, but open doors for attackers
AI adoption is increasing, with 84% of organizations now using AI in the cloud, according to Orca Security. But this innovation comes with new risks: 62% of organizations have …

Cybersecurity jobs available right now: June 10, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Automation tester (Infosec) – Vulnerability …

EU launches EU-based, privacy-focused DNS resolution service
DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality. What is DNS? The Domain Name System (DNS) …

Contrast Northstar pairs runtime data and contextual analysis with AI-powered auto-remediation
Contrast Security announced Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. …

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks …

Balancing cybersecurity and client experience for high-net-worth clients
In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting …

CISOs, are you ready for cyber threats in biotech?
The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences are more complex. …

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that …

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques
Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) …

Employees repeatedly fall for vendor email compromise attacks
In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who had engaged with a …

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has …

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber …