October 2025
4 ways to use time to level up your security monitoring
SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage …
Passkeys rise, but scams still hit hard in 2025
Americans are dealing with a growing wave of digital scams, and many are losing money in the process. According to the fourth annual Consumer Cyber Readiness Report, nearly …
Apple strengthens storage flexibility with new disk image formats
Apple’s release of macOS 26 Tahoe introduced a new disk image format and updated an older one, both of which are drawing attention from system testers and forensic examiners. …
AI hype hits a wall when the data doesn’t deliver
Companies are pouring money into AI for IT operations, but most projects are still far from maturity. A global survey of 1,200 business leaders, IT leaders, and technical …
New infosec products of the week: October 3, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Legit Security, NowSecure, Siemens, and Telus. NowSecure Privacy helps …
Hackers claim to have plundered Red Hat’s GitLab repos
The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitLab and have …
OpenSSL 3.6.0: New features, crypto support
The OpenSSL Project has announced the release of OpenSSL 3.6.0, a feature update that brings significant functionality improvements, standards compliance, and a few key …
Oracle customers targeted with emails claiming E-Business Suite breach, data theft
Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated …
ProSpy and ToSpy: New spyware families impersonating secure messaging apps
ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through …
Building a mature automotive cybersecurity program beyond checklists
In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing …
Chekov: Open-source static code analysis tool
Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code …
GPT needs to be rewired for security
LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and …
Featured news
Resources
Don't miss
- Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
- How neighbors could spy on smart homes
- How the City of Toronto embeds security across governance and operations
- Hottest cybersecurity open-source tools of the month: October 2025
- OpenAI’s gpt-oss-safeguard enables developers to build safer AI