July 2025
Six months into DORA, most financial firms are still not ready
It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services …
New infosec products of the week: July 25, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Akeyless, Bitdefender, Malwarebytes, ManageEngine, PlexTrac, and Seemplicity. …
Storm-2603 spotted deploying ransomware on exploited SharePoint servers
One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft …
CISO New York 2025 brings together top cybersecurity leaders
The annual CISO New York summit will be held on September 9, 2025, uniting over 150 senior cybersecurity executives for a full day of insight, strategy, and collaboration at …
Intel 471 Guided Threat Hunts enables teams to measure hunt success metrics
Intel 471 launched Guided Threat Hunts, a new method-driven tool within the Hunt Management Module, part of our HUNTER solution. As threat hunting for advanced adversaries …
Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)
Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. …
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises …
Why outsourcing cybersecurity is rising in the Adriatic region
In this Help Net Security interview, Aleksandar Stančin, Board Member Adriatics, Exclusive Networks, discusses the state of cybersecurity in the Adriatic region. He talks …
Your app is under attack every 3 minutes
Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast …
Most data breaches have unknown causes as transparency continues to fall
The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024. The ITRC could track a …
Microsoft rolls out Windows 11 “quick recovery” feature
With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default …
Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine
The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM