Please turn on your JavaScript for this page to function normally.
Report: The State of Secrets Sprawl 2025

GitGuardian’s State of Secrets Sprawl 2025 report shows no progress in combating secrets sprawl, with 23.8 million secrets leaked on public GitHub repositories in 2024—a 25% …

Microsoft
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373)

State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China have been exploiting a zero-day Windows vulnerability with no fix in sight for …

William Booth
Moving beyond checkbox security for true resilience

In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk …

Dependency-Check
Dependency-Check: Open-source Software Composition Analysis (SCA) tool

Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool …

Apple UK
Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK

Advanced Data Protection (ADP) secures iCloud data with end-to-end encryption. This ensures that no one, not even Apple, can access the encrypted data, which remains secure …

lock
The rise of DAST 2.0 in 2025

Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to …

artificial intelligence
How AI and automation are reshaping security leadership

The contemporary SOC is transforming as it starts to realize the benefits of GenAI and utilize the manifestations of autonomous agentic AI, according to Tines. Additionally, …

Biohazard
Stealthy StilachiRAT steals data, may enable lateral movement

While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques …

malware
FBI: Free file converter sites and tools deliver malware

Malware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned …

Sunil Mallik
How financial institutions can minimize their attack surface

In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on …

supply chain
Hackers target AI and crypto as software supply chain risks grow

The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns …

cybersecurity jobs
Cybersecurity jobs available right now: March 18, 2025

Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security Expert monday.com | United …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools