New threat group uses custom tools to hijack search results
ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, …
Cutting through CVE noise with real-world threat signals
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall …
Attackers are turning Salesforce trust into their biggest weapon
Salesforce has become a major target for attackers in 2025, according to new WithSecure research into threats affecting customer relationship management (CRM) platforms. The …
DDoS attacks serve as instruments of political influence and disruption
In the first half of 2025, there were 8,062,971 DDoS attacks worldwide, with EMEA taking the brunt at 3.2 million attacks, according to Netscout. Peak attacks reached speeds …
Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise
Cloudflare has also been affected by the Salesloft Drift breach, the US web infrastructure and security company confirmed on Tuesday, and the attackers got their hands on 104 …
BruteForceAI: Free AI-powered login brute force tool
BruteForceAI is a penetration testing tool that uses LLMs to improve the way brute-force attacks are carried out. Instead of relying on manual setup, the tool can analyze HTML …
How gaming experience can help with a cybersecurity career
Many people might not think that playing video games could help build a career in cybersecurity. Yet the skills gained through gaming, even if they don’t seem relevant at …
Detecting danger: EASM in the modern security stack
In today’s complex threat environment, the challenge for security professionals isn’t just defeating threats, it’s finding your vulnerabilities in the first place. That’s …
Five habits of highly secure development teams
In this Help Net Security video, Brendon Collins, Principal Consultant at Optiv, explores how organizations can embed security and privacy into the software development …
AI will drive purchases this year, but not without questions
AI is moving into security operations, but CISOs are approaching it with a mix of optimism and realism. A new report from Arctic Wolf shows that most organizations are …
Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach
In the wake of last week’s revelation of a breach at Salesloft by a group tracked by Google as UNC6395, several companies – including Zscaler, Palo Alto Networks, …
Can AI agents catch what your SOC misses?
A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)