Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

security update

Google Chrome
Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558)

For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild. About CVE-2025-6558 CVE-2025-6558 is a …

Gigabyte
Vulnerable firmware for Gigabyte motherboards could allow bootkit installation

UEFI firmware running on 100+ Gigabyte motherboard models is affected by memory corruption vulnerabilities that may allow attackers to install persistent and …

Google Chrome
Google patches actively exploited Chrome (CVE‑2025‑6554)

Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. …

Windows 10 Extended Security
Windows 10: How to get security updates for free until 2026

Users who want to stick with Windows 10 beyond its planned end-of-support date but still receive security updates, can enroll into the Windows 10 Extended Security Updates …

Netscaler
Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The …

Connectwise is rotating code signing certificates. What happened?

Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has …

Patch Tuesday
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users …

Patch Tuesday
June 2025 Patch Tuesday forecast: Second time is the charm?

June 2025 Patch Tuesday is now live: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) Microsoft has been busy releasing more out-of-band (OOB) patches …

SAP
Why SAP security updates are a struggle for large enterprises

In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly …

Google Chrome
CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)

A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known …

Ivanti
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)

Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number …

SonicWall
Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)

SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools