
Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated …

What good threat intelligence looks like in practice
In this Help Net Security interview, Anuj Goel, CEO of Cyware, discusses how threat intelligence is no longer a nice to have, it’s a core cyber defense requirement. But …

AutoPatchBench: Meta’s new way to test AI bug fixing tools
AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 …

Third-party cyber risks and what you can do
When a third-party tech vendor suffers a cyber incident, your business can feel the effects immediately. That’s why it’s crucial to treat vendor risk as part of your …

Nation-state APTs ramp up attacks on Ukraine and the EU
Russian APT groups intensified attacks against Ukraine and the EU, exploiting zero-day vulnerabilities and deploying wipers, according to ESET. Ukraine faces rising cyber …

Product showcase: Secure digital and physical access with the Swissbit iShield Key 2
To meet today’s complex security requirements, organizations need solutions that are not only secure, but also practical and scalable. The Swissbit iShield Key 2 offers a …

Trojanized KeePass opens doors for ransomware attackers
A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure …

The Windows Subsystem for Linux goes open source
Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open …

Closing security gaps in multi-cloud and SaaS environments
In this Help Net Security interview, Kunal Modasiya, SVP, Product Management, GTM, and Growth at Qualys, discusses recent Qualys research on the state of cloud and SaaS …

Containers are just processes: The illusion of namespace security
In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and …

Why legal must lead on AI governance before it’s too late
In this Help Net Security interview, Brooke Johnson, Chief Legal Counsel and SVP of HR and Security, Ivanti, explores the legal responsibilities in AI governance, highlighting …

AI voice hijacking: How well can you trust your ears?
How sure are you that you can recognize an AI-cloned voice? If you think you’re completely certain, you might be wrong. Why it’s a growing threat With only three seconds …
Featured news
Resources
Don't miss
- Fighting AI with AI: How Darwinium is reshaping fraud defense
- Beyond Passwords: A Guide to Advanced Enterprise Security Protection
- Why behavioral intelligence is becoming the bank fraud team’s best friend
- Ransomware will thrive until we change our strategy
- The final frontier of cybersecurity is now in space