September 2025

CISA says it will fill the gap as federal funding for MS-ISAC dries up
The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the …

Acronis brings patch management to consumer backup software
Acronis announced the general availability of Acronis True Image 2026, the new release of its natively integrated backup and security software for consumers and small …

Webinar: The BAS Summit 2025: Redefining Attack Simulation through AI
Join Picus Security, SANS, Hacker Valley, and leading CISOs at The BAS Summit 2025 to learn how AI is redefining Breach and Attack Simulation (BAS) and why it’s becoming the …

Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
Western Digital has fixed a critical remote code execution vulnerability (CVE-2025-30247) in the firmware powering its My Cloud network-attached storage (NAS) devices, and has …

Ivanti upgrades Connect Secure with hardened system and gateway improvements
Ivanti released Ivanti Connect Secure (ICS) version 25.X. The update includes a modernized enterprise-grade OS, platform hardening, and gateway enhancements designed to reduce …

Legit’s Command Center tracks AI code, models, and MCP server usage across the SDLC
Legit Security has updated its AI Security Command Center. As vibe coding and AI-first development reshape how software is built, the Command Center offers visibility into …

The hidden risks inside open-source code
Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is …

Cyber risk quantification helps CISOs secure executive support
In this Help Net Security interview, Vivien Bilquez, Global Head of Cyber Resilience at Zurich Resilience Solutions, discusses how organizations are rethinking cyber …

Your budget Android phone might be spying on you
Researchers have found that many low-cost Android devices come with pre-installed apps that have high-level access to the system. Unlike apps from the Google Play Store, many …

Keeping the internet afloat: How to protect the global cable network
The resilience of the world’s submarine cable network is under new pressure from geopolitical tensions, supply chain risks, and slow repair processes. A new report from the …

Cybersecurity jobs available right now: September 30, 2025
Application Security Architect Vancity | Canada | Hybrid – No longer accepting applications As an Application Security Architect, you will lead the design and planning …

Akira ransomware: From SonicWall VPN login to encryption in under four hours
Four hours or less: that’s how long it takes for Akira affiliates to break into organizations and deploy the ransomware on their systems, Arctic Wolf researchers have …