RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has …
Webinar: Securely migrating to the cloud
Whether your organization is already in the cloud or just starting to plan your migration, security is a top priority. This webinar will help you to better understand your …
Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being …
What a future without CVEs means for cyber defense
The importance of the MITRE-run Common Vulnerabilities and Exposures (CVE) Program shouldn’t be understated. For 25 years, it has acted as the point of reference for …
What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up …
How cybercriminals exploit psychological triggers in social engineering attacks
Most attacks don’t start with malware; they begin with a message that seems completely normal, whether it comes through email, a phone call, or a chat, and that is exactly …
Key tips to stay safe from deepfake and AI threats
In this Help Net Security video, Joshua McKenty, CEO of Polyguard, talks about how to protect yourself from deepfake and AI threats, which are getting harder to spot and …
Cybersecurity jobs available right now: May 6, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security Specialist Signify | Netherlands …
UK retailers under cyber attack: Co-op member data compromised
UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same …
How CISOs can talk cybersecurity so it makes sense to executives
CISOs know cyber risk is business risk. Boards don’t always see it that way. For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many …
How OSINT supports financial crime investigations
In this Help Net Security interview, Stuart Clarke, CEO at Blackdot Solutions, discusses the strategic use of open-source intelligence (OSINT) in tackling financial crime. He …
Review: Effective Vulnerability Management
Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged