Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Phishing
Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in …

ClickFix
Fake macOS help sites push Shamos infostealer via ClickFix technique

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers …

Black Hat USA 2025
Photos: Black Hat USA 2025

Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, …

Microsoft SharePoint
Storm-2603 spotted deploying ransomware on exploited SharePoint servers

One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft …

SharePoint
Microsoft pins on-prem SharePoint attacks on Chinese threat actors

This is a developing story, new update here: Storm-2603 spotted deploying ransomware on exploited SharePoint servers As Microsoft continues to update its customer guidance for …

Patch Tuesday
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users …

NTLM
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting …

strategy
7 ways to get C-suite buy-in on that new cybersecurity tool

You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises …

Apple
Banshee Stealer variant targets Russian-speaking macOS users

The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point …

Godot game engine
Cybercriminals used a gaming engine to create undetectable malware loader

Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …

malware
Infostealers increasingly impact global security

Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant …

SEC
SEC fines tech companies for misleading SolarWinds disclosures

The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools