The password problem we keep pretending to fix
Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. …
F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security …
Microsoft patches three zero-days actively exploited by attackers
On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and …
U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
The U.S. government has seized about $15 billion worth of Bitcoin connected to what prosecutors call one of the largest cryptocurrency fraud and human trafficking operations …
A safer way to break industrial systems (on purpose)
Cybersecurity teams often struggle to test defenses for industrial control systems without risking disruption. A group of researchers from Curtin University has developed a …
Maltrail: Open-source malicious traffic detection system
Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available …
Building trust in AI-powered security operations
In this Help Net Security video, James Hodge, VP, Global Specialist Organisation at Splunk, explores the transformative role of AI in cybersecurity threat detection. He …
The diagnosis is in: Mobile health apps are bad for your privacy
Sensitive data is moving through Android healthcare apps without adequate protection. Researchers found that many transmit information without encryption, store files without …
The power grid is getting old, and so is the cybersecurity protecting it
Critical infrastructure is getting older, and the cost of that decay is starting to show. The Arthur D. Little Built to Last? report says that the systems powering energy, …
What if your privacy tools could learn as they go?
A new academic study proposes a way to design privacy mechanisms that can make use of prior knowledge about how data is distributed, even when that information is incomplete. …
The solar power boom opened a backdoor for cybercriminals
Solar isn’t low risk anymore. Adoption has turned inverters, aggregators, and control software into attack surfaces capable of disrupting service and undermining confidence in …
Security validation: The key to maximizing ROI from security investments
Every sizable organization invests heavily in firewalls, SIEMs, EDRs, and countless other technologies that form the backbone of a modern enterprise’s cyber defenses. …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)