September 2025
Ransomware groups are multiplying, raising the stakes for defenders
Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber …
Delinea releases free open-source MCP server to secure AI agents
AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or …
How agentic AI is changing the SOC
In this Help Net Security video, David Norlin, CTO of Lumifi, explores the role of agentic AI in the security operations center (SOC). He explains what agentic AI is, how it …
Infosec products of the month: September 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Absolute Security, Blackdot Solutions, Catchpoint, Cynomi, DataLocker, Gigamon, …
European Windows 10 users get an additional year of free security updates
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up …
Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, …
Chainguard Libraries for JavaScript provides developers with malware-free dependencies
Chainguard released Chainguard Libraries for JavaScript, a collection of trusted builds of thousands of common JavaScript dependencies that are malware-resistant and built …
Onapsis enhances SAP security with latest platform updates
Onapsis announced updates to its Onapsis Platform, including the launch of three new capabilities: the SAP Notes Command Center, Rapid Controls for Dangerous Exploits, and …
Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)
Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About …
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and …
Secure Code Warrior gives CISOs visibility into developer AI tool usage
Secure Code Warrior has launched a beta program to expand the AI capabilities of its Trust Agent product. The new offering provides CISOs with security traceability, …
Predicting DDoS attacks: How deep learning could give defenders an early warning
Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks …