Don’t panic over CISA’s KEV list, use it smarter
In this Help Net Security video, Tod Beardsley, VP of Security Research at runZero, explains what CISA’s Known Exploited Vulnerabilities (KEV) Catalog is and how security …
MOS: Open-source modular OS for servers and homelabs
A growing number of homelab builders and small server operators are testing an open source operating system that combines basic server management, storage control, and …
Week in review: Exploited newly patched BeyondTrust RCE, United Airlines CISO on building resilience
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: United Airlines CISO on building resilience when disruption is inevitable In …
Bitcoin trading firm CEO gets 20 years for operating $200 million Ponzi scheme
The U.S. Department of Justice sentenced the CEO of a multi-level marketing and bitcoin trading firm to 20 years in prison after a conviction for wire fraud and money …
Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)
Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. …
Proofpoint acquires Acuvity to secure AI and agent-driven workflows
Proofpoint has acquired Acuvity, strengthening its platform with AI-native visibility, governance, and runtime protection for AI and agent-driven workflows. As generative AI …
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with …
Police arrests distributor of JokerOTP password-stealing bot
The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have …
OpenAI released GPT-5.3-Codex-Spark, a real-time coding model
OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions …
Why secure OT protocols still struggle to catch on
Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many …
Arctic Wolf expands MSP Security with Aurora Managed Endpoint Defense
Arctic Wolf has announced new endpoint security capabilities for its Managed Service Provider (MSP) partners. The addition of Aurora Managed Endpoint Defense, powered by the …
Ubuntu 24.04.4 LTS arrives with cumulative security and bug fixes
Security teams running Ubuntu in production often delay major OS upgrades until the next point release arrives with accumulated patches and newer hardware support. Ubuntu …
Featured news
Resources
Don't miss
- Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
- TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension
- Microsoft provides mitigation for “YellowKey” BitLocker bypass flaw (CVE-2026-45585)
- Communicating cyber risk in dollars boards understand
- CVE Lite CLI: Open-source dependency vulnerability scanner