Malicious Rust packages targeted Web3 developers
A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for …
Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the …
Smart grids are trying to modernize and attackers are treating it like an invitation
In this Help Net Security interview, Sonia Kumar, Senior Director Cyber Security at Analog Devices, discusses how securing decentralized smart grids demands a shift in …
A day in the life of the internet tells a bigger story
On any given day, the internet carries countless signals that hint at how networks behave behind the scenes. Researchers from RIPE NCC and several universities found a way to …
AI vs. you: Who’s better at permission decisions?
A single tap on a permission prompt can decide how far an app reaches into a user’s personal data. Most of these calls happen during installation. The number of prompts keeps …
The quantum clock is ticking and businesses are still stuck in prep mode
Quantum computing is still years away from breaking current encryption, but many security teams are already worried about what happens when that moment arrives. A new report …
Massive gambling network doubles as hidden C2 and anonymity infrastructure, researchers say
A sprawling network that’s seemingly maintained to serve (illegal) online gambling opportunities and deliver malware to Indonesian citizens is likely also being used to …
Global law enforcement actions put pressure on cybercrime networks
In 2025, law enforcement agencies disrupted the infrastructure and operations of established cybercriminal groups. These groups shift across borders, and the agencies pursuing …
Portmaster: Open-source application firewall
Portmaster is a free and open source application firewall built to monitor and control network activity on Windows and Linux. The project is developed in the EU and is …
CISOs are questioning what a crisis framework should look like
CISOs increasingly assume the next breach is coming. What concerns them most is whether their teams will understand the incident quickly enough to limit the fallout. A recent …
Threat intelligence programs are broken, here is how to fix them
Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear …
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted …
Featured news
Resources
Don't miss
- The soft underbelly of space isn’t in orbit, it’s on the ground
- Privacy risks sit inside the ads that fill your social media feed
- Should AI access be treated as a civil right across generations?
- What cybersecurity leaders are reading to stay ahead
- Cisco email security appliances rooted and backdoored via still unpatched zero-day