
Vuls: Open-source agentless vulnerability scanner
Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers …

Ransomware spike exposes cracks in cloud security
90% of IT and security leaders said their organization experienced a cyberattack within the last year, according to a report by Rubrik. “Many organizations that move to the …

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in …

Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed …

New Microsoft accounts will be “passwordless by default”
Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of …

AI and automation shift the cybersecurity balance toward attackers
Threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders, according to Fortinet.

Phone theft is turning into a serious cybersecurity risk
Phone theft is a rising issue worldwide, and it’s more than just a property crime. It’s a serious cybersecurity threat. In the UK alone, the Metropolitan Police seizes 1,000 …

People know password reuse is risky but keep doing it anyway
35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating …

Half of red flags in third-party deals never reach compliance teams
Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third-party (relationship owners) don’t escalate red …

Infosec products of the month: April 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Abnormal AI, AppViewX, Arctic Wolf Networks, Bitdefender, BitSight, …

Photos: RSAC 2025, part 2
RSAC 2025 Conference is taking place at the Moscone Center in San Francisco. Help Net Security is on-site, and this gallery takes you inside the event. The first gallery is …

Why SMEs can no longer afford to ignore cyber risk
In this Help Net Security interview, Steven Furnell, Professor of Cyber Security at the University of Nottingham, illustrates how small and medium-sized businesses (SMEs) must …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged