
CISA warns about actively exploited Broadcom, Commvault vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault …

Marks & Spencer cyber incident linked to ransomware group
The “cyber incident” that British multinational retailer Marks & Spencer has been struggling with for over a week is a ransomware attack, multiple sources …

Eyes, ears, and now arms: IoT is alive
I’ve never quite seen anything like this in my two decades of working in the Internet of Things (IoT) space. In just a few years, devices at home and work started including …

What’s worth automating in cyber hygiene, and what’s not
Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. …

Want faster products and stronger trust? Build security in, not bolt it on
In this Help Net Security interview, Christopher Kennedy, CISO at Group 1001, discusses how cybersecurity initiatives are reshaping enterprise cybersecurity strategy. He …

DDoS attacks jump 358% compared to last year
Cloudflare says it mitigated 20.5 million DDoS attacks in the first quarter of 2025. This is a 358% increase compared to the same time last year. Their Q1 2025 DDoS report …

Investing in security? It’s not helping you fix what matters faster
Automation and structured collaboration have a strong, positive influence on the efficiency of vulnerability management, according to Seemplicity. However, manual processes, …

Cybersecurity jobs available right now: April 29, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Analyst IV – Cybersecurity Carpenter Technology …

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file …

Threat actors are scanning your environment, even if you’re not
In a world where organizations’ digital footprint is constantly changing and attackers regularly capitalize on security failings in exposed IT assets, making the effort to …

GoSearch: Open-source OSINT tool for uncovering digital footprints
GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track …

Ransomware attacks are getting smarter, harder to stop
Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organizations globally. A Veeam report reveals that while the percentage of …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)