SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles
Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power …
Police shut down long-running dark web drug market
Law enforcement authorities across Europe have dismantled Archetyp Market, the most enduring dark web drug market, following a large-scale operation involving six countries, …
Why banks’ tech-first approach leaves governance gaps
In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk …
MDEAutomator: Open-source endpoint management, incident response in MDE
Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool …
Virtual kidnapping scams prey on our worst fears
Getting a call saying a family member has been kidnapped is terrifying. Fear and panic take over, making it hard to think clearly. That’s exactly what criminals count on when …
Review: Learning Kali Linux, 2nd Edition
Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide …
Why CISOs need to understand the AI tech stack
As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global …
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For …
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 …
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite …
Unpacking the security complexity of no-code development platforms
In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data …
What CISOs need to know about agentic AI
GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: …
Featured news
Resources
Don't miss
- Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
- Microsoft revokes 200 certs used to sign malicious Teams installers
- A new approach to blockchain spam: Local reputation over global rules
- SAP zero-day wake-up call: Why ERP systems need a unified defense
- “Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)