Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
networking
NTLM relay attacks are back from the dead

NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – …

email bombing
Microsoft introduces protection against email bombing

By the end of July 2025, all Microsoft Defender for Office 365 customers should be protected from email bombing attacks by default, Microsoft has announced on Monday. What is …

RIFT
RIFT: New open-source tool from Microsoft helps analyze Rust malware

Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming …

Windows 10 Extended Security
Windows 10: How to get security updates for free until 2026

Users who want to stick with Windows 10 beyond its planned end-of-support date but still receive security updates, can enroll into the Windows 10 Extended Security Updates …

privacy
Users lack control as major AI platforms share personal info with third parties

Some of the most popular generative AI and large language model (LLM) platforms, from companies like Meta, Google, and Microsoft, are collecting sensitive data and sharing it …

SonicWall
Trojanized SonicWall NetExtender app exfiltrates VPN credentials

Unknown attackers have trojanized SonicWall’s SSL-VPN NetExtender application, the company has warned on Monday, and have been tricking users into downloading it from a …

Windows
Microsoft will start removing legacy drivers from Windows Update

Microsoft will start removing legacy drivers from Windows Update to improve driver quality for Windows users but, most importantly, to increase security, the company has …

Shortleash Backdoor
Stealthy backdoor found hiding in SOHO devices running Linux

SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader …

MDEAutomator
MDEAutomator: Open-source endpoint management, incident response in MDE

Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool …

Patch Tuesday
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users …

Patch Tuesday
June 2025 Patch Tuesday forecast: Second time is the charm?

June 2025 Patch Tuesday is now live: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) Microsoft has been busy releasing more out-of-band (OOB) patches …

Microsoft Exchange
Exchange 2016, 2019 support ends soon: What IT should do to stay secure

Microsoft is ending support for Exchange Server 2016, Exchange Server 2019, and Outlook 2016 on October 14, 2025. That date might seem far off, but if you’re managing email …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools