Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
SAP
Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)

CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file …

Outpost24
Threat actors are scanning your environment, even if you’re not

In a world where organizations’ digital footprint is constantly changing and attackers regularly capitalize on security failings in exposed IT assets, making the effort to …

GoSearch
GoSearch: Open-source OSINT tool for uncovering digital footprints

GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track …

ransomware
Ransomware attacks are getting smarter, harder to stop

Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organizations globally. A Veeam report reveals that while the percentage of …

Vulnerability
Most critical vulnerabilities aren’t worth your attention

Web applications face a wide range of risks, including known-exploitable vulnerabilities, supply chain attacks, and insecure identity configurations in CI/CD, according to the …

cybersecurity week in review
Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs MITRE has …

Rack
Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)

Researchers have uncovered three serious vulnerabilities in Rack, a server interface used by most Ruby web app frameworks (Ruby on Rails, Sinatra, Hanami, Roda, and others). …

mobile device
Flexible working models fuel surge in device theft

76% of respondents have been impacted by incidents of device theft in the past two years, with incidents more common in organizations with more flexible working models, …

laptop
Exposure validation emerges as critical cyber defense component

Organizations have implemented various aspects of threat exposure validation, including security control validation (51%) and filtering threat exposures based on the …

idea
13 core principles to strengthen AI cybersecurity

The new ETSI TS 104 223 specification for securing AI provides reliable and actionable cybersecurity guidance aimed at protecting end users. Adopting a whole-lifecycle …

RSAC 2025 companies
Top must-visit companies at RSAC 2025

RSAC 2025 Conference is taking place at the Moscone Center in San Francisco from April 28 – May 1. With hundreds of booths, countless product demos, and nonstop buzz, …

Infosec products of the week
New infosec products of the week: April 25, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, PowerDMARC, Skyhawk Security, Stellar Cyber, Swimlane, and Veracode. …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools