Zeljka Zorz
![SimpleHelp](https://img.helpnetsecurity.com/wp-content/uploads/2025/01/16145903/simplehelp-1500-400x200.webp)
Critical SimpleHelp vulnerabilities fixed, update your server instances!
If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2025/01/16140047/fortinet-1500-3-400x200.webp)
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been …
![Linux](https://img.helpnetsecurity.com/wp-content/uploads/2024/11/21100242/linux-hole-1500-400x200.webp)
Rsync vulnerabilities allow remote code execution on servers, patch quickly!
Six vulnerabilities have been fixed in the newest versions of Rsync (v3.4.0), two of which could be exploited by a malicious client to achieve arbitrary code execution on a …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/14201548/patch_tuesday_news2-400x200.webp)
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2024/05/29114619/fortinet-1500-400x200.webp)
Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day …
![GenAI weaponization](https://img.helpnetsecurity.com/wp-content/uploads/2024/08/25094001/genai_weaponization-400x200.webp)
Malicious actors’ GenAI use has yet to match the hype
Generative AI has helped lower the barrier for entry for malicious actors and has made them more efficient, i.e., quicker at creating convincing deepfakes, mounting phishing …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2023/07/31150732/ivanti1-400x200.jpg)
UK domain registry Nominet breached via Ivanti zero-day
The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver …
![AWS](https://img.helpnetsecurity.com/wp-content/uploads/2024/12/09102531/aws-1500-key2-400x200.webp)
Attackers are encrypting AWS S3 data without using ransomware
A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided …
![EU](https://img.helpnetsecurity.com/wp-content/uploads/2024/10/11093409/eu-1500-400x200.webp)
EU law enforcement training agency data breach: Data of 97,000 individuals compromised
Personal data of nearly 100,000 individuals that have participated in trainings organized by CEPOL, the European Union (EU) Agency for Law Enforcement Training, has …
![Crowdstrike](https://img.helpnetsecurity.com/wp-content/uploads/2024/07/19130702/crowdstrike-2-1500-400x200.webp)
Job-seeking devs targeted with fake CrowdStrike offer via email
Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The …
![Apple](https://img.helpnetsecurity.com/wp-content/uploads/2024/11/20114617/apple1-400x200.webp)
Banshee Stealer variant targets Russian-speaking macOS users
The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2024/09/25140511/ivanti-2-1500-400x200.webp)
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant …
Featured news
Resources
Don't miss
- Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
- Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence
- How CISOs can elevate cybersecurity in boardroom discussions
- A humble proposal: The InfoSec CIA triad should be expanded