>>> BLACK FRIDAY 2025 cybersecurity deals to explore <<<

Please turn on your JavaScript for this page to function normally.

News

week in review
Week in review: F5 data breach, Microsoft patches three actively exploited zero-days

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a healthcare cybersecurity strategy that works In this Help Net …

Cisco
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation …

Microsoft Teams
Microsoft revokes 200 certs used to sign malicious Teams installers

By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting …

A new approach to blockchain spam: Local reputation over global rules

Spam has long been a nuisance in blockchain networks, clogging transaction queues and driving up fees. A new research paper from Delft University of Technology introduces a …

healthcare cybersecurity
Inside healthcare’s quiet cybersecurity breakdown

Hospitals, clinics, and care networks continue to treat cybersecurity as a back-office issue, according to the 2025 Healthcare IT Landscape Report from Omega Systems. Security …

SAP
SAP zero-day wake-up call: Why ERP systems need a unified defense

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical …

AI
Everyone’s adopting AI, few are managing the risk

AI is spreading across enterprise risk functions, but confidence in those systems remains uneven, according to AuditBoard. More than half of organizations report implementing …

Infosec products of the week
New infosec products of the week: October 17, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Aura, Bitsight, Blumira, Cayosoft, Corelight, Netcraft, and Picus Security. Picus …

Adobe
“Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)

CISA has added CVE-2025-54253, a misconfiguration vulnerability in Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE), to its Known Exploited …

danger
When trusted AI connections turn hostile

Researchers have revealed a new security blind spot in how LLM applications connect to external systems. Their study shows that malicious Model Context Protocol (MCP) servers …

insider threat
Identifying risky candidates: Practical steps for security leaders

Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface …

artificial intelligence
Everyone wants AI, but few are ready to defend it

The rush to deploy AI is reshaping how companies think about risk, according to Cisco. A global study finds that while most organizations are moving quickly to adopt AI, many …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools