Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
ClamAV
New ClamAV security patch closes seven scanner bugs dating back two decades

Open source antivirus scanning sits inside mail gateways, file upload checks, and endpoint tooling at organizations of every size. Much of that work runs through ClamAV, the …

danger
The ARToken phishing panel targets Microsoft 365 accounts

Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in …

Cisco
Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)

CVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco’s Unified Communications Manager (Unified CM), is being exploited to drop webshells …

Cisco
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)

Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But …

CISA
CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches …

Cisco
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To …

key
Frontier AI models collapse under multi-turn AI attacks, Cisco finds

Attackers who probe large language models rarely give up after one refusal. They reframe, build context across turns, adopt personas, and escalate gradually. New research from …

Cisco
Cisco refines its risk-based vulnerability disclosure for the AI era

Security teams already struggle with long lists of vulnerabilities and limited time to patch them. Cisco believes AI could increase that pressure by accelerating vulnerability …

Cisco
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)

Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly …

verifying AI model lineage
Cisco releases open-source toolkit for verifying AI model lineage

Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little …

backdoor
New Cisco firewall malware can only be killed by pulling the plug

Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security …

phishing
Phishing reclaims the top initial access spot, attackers experiment with AI tools

Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for over a third of engagements where initial …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools