
19 ways to build zero trust: NIST offers practical implementation guide
The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled …

New infosec products of the week: June 13, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Contrast Security, Cymulate, Lemony, SpecterOps, Thales, and Vanta. Lemony mitigates …

Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have …

LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate …

Identifying high-risk APIs across thousands of code repositories
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and …

Cybercriminals are turning stolen data into a thriving black market
Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal …

Want fewer security fires to fight? Start with threat modeling
CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for …

Build a mobile hacking rig with a Pixel and Kali NetHunter
A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs …

CISOs call for operational threat intelligence integration
98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and …

Email security risks healthcare IT can’t afford to ignore
92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance …

44% of mobile users encounter scams every day
Nearly half of of mobile users encounter mobile scams daily, with people in the US and UK more likely to be targeted than those in other regions, according to Malwarebytes. …

Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown led by INTERPOL. Called …
Featured news
Resources
Don't miss
- Inorganic DNA: How nanoparticles could be the future of anti-counterfeiting tech
- Securing vehicles as they become platforms for code and data
- How service providers can turn cybersecurity into a scalable MRR engine
- Stop settling for check-the-box cybersecurity policies
- Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)