Please turn on your JavaScript for this page to function normally.
Cisco
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

M&S, Coop, Harrods
UK retailers under cyber attack: Co-op member data compromised

UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same …

network
UK NCSC offers security guidance for domain and DNS registrars

The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. “DNS registrars …

Next.js
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

vulnerabilities
What 2024 taught us about security vulnerabilties

From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical …

CISO
How to choose secure, verifiable technologies?

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, …

vulnerabilities
Zero-days dominate top frequently exploited vulnerabilities

A joint report by leading cybersecurity agencies from the U.S., UK, Canada, Australia, and New Zealand has identified the most commonly exploited vulnerabilities of 2023. …

David Ferbrache
Protecting national interests: Balancing cybersecurity and operational realities

With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond …

Cisco
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day …

Geoffrey Mattson
JCDC’s strategic shift: Prioritizing cyber hardening

In this Help Net Security interview, Geoffrey Mattson, CEO of Xage Security, discusses the evolution of the Joint Cyber Defense Collaborative (JCDC) since its 2021 inception …

Ivanti
State-sponsored hackers know enterprise VPN appliances inside out

Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated “a nuanced understanding of …

cyber threat
APT29 revamps its techniques to breach cloud environments

Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools