How QR code attacks work and how to protect yourself
QR codes have become an integral part of our everyday life due to their simplicity. While they’ve been around for many years, their use exploded during the COVID-19 pandemic, …
Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of …
OT/ICS cyber threats escalate as geopolitical conflicts intensify
Ransomware attacks against industrial organizations surged by 87% over the past year, while new malware families designed specifically for OT environments emerged. These …
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code …
OSPS Baseline: Practical security best practices for open source software projects
The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security …
Understanding the AI Act and its compliance challenges
In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing …
Infosec products of the month: February 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo …
Debunking 5 myths about network automation
Imagine you’re a network engineer at an enterprise. You already have your hands full with IT priorities, including managing bandwidth related to working from home, the …
2024 phishing trends tell us what to expect in 2025
Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which …
Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363)
A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid …
Is Agentic AI too smart for your own good?
Agentic AI, which consists of systems that autonomously take action based on high-level goals, is becoming integral to enterprise security, threat intelligence, and …
Hottest cybersecurity open-source tools of the month: February 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)