
Infosec products of the month: September 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Absolute Security, Blackdot Solutions, Catchpoint, Cynomi, DataLocker, Gigamon, …

European Windows 10 users get an additional year of free security updates
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up …

Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, …

Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)
Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About …

North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and …

Predicting DDoS attacks: How deep learning could give defenders an early warning
Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks …

$439 million recovered in global financial crime crackdown
Authorities around the world have recovered $439 million from criminals following a months-long operation led by INTERPOL. The effort, called HAECHI VI, ran from April through …

The fight to lock down drones and their supply chains
Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological …

New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk …

GenAI is exposing sensitive data at scale
Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating …

AI is rewriting the rules of cyber defense
Enterprise security teams are underprepared to detect new, adaptive AI-powered threats. The study, published by Lenovo, surveyed 600 IT leaders across major markets and shows …

SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)
SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset …
Featured news
Resources
Don't miss
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)
- When trusted AI connections turn hostile
- Identifying risky candidates: Practical steps for security leaders
- Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
- F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info