Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

Natalia Belaya
How CISOs can balance security and business agility in the cloud

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business …

Orbit
Orbit: Open-source Nuclei security scanning and automation platform

Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a …

cybersecurity week in review
Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes two actively exploited zero-days (CVE-2025-21418, …

vCISO
vCISOs are in high demand

Regardless of job title, 92% of executives stated they had some degree of confidence in their organization’s ability to meet compliance requirements and tackle advanced …

insider threat
New GRC and cyber risk strategies emphasize risk adaptability

MetricStream has unveiled its annual forecast of key trends shaping the future of GRC and Cyber GRC. These 2025 predictions offer a roadmap for building resilience strategies, …

Microsoft 365 phishing
Threat actors are using legitimate Microsoft feature to compromise M365 accounts

Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) …

fraud
Pig butchering scams are exploding

2024 is set to be a record year for scammers who received at least $9.9 billion in crypto revenues from their illicit activities, according to Chainalysis. This figure is …

third party
Inconsistent security strategies fuel third-party threats

47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the …

Infosec products of the week
New infosec products of the week: February 14, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto Networks Cortex …

ClickFix
North Korean hackers spotted using ClickFix tactic to deliver malware

North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called …

Russian flag
Sandworm APT’s initial access subgroup hits organizations accross the globe

A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is …

Palo Alto Networks
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools