Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s …
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number …
Product showcase: Go beyond VPNs and Tor with NymVPN
If you care about online privacy, you probably already know: Centralized VPNs and even Tor aren’t enough anymore. Traditional VPNs require you to trust a single company with …
CISOs must speak business to earn executive trust
In this Help Net Security interview, Pritesh Parekh, VP, CISO at PagerDuty talks about how CISOs can change perceptions of their role, build influence across the organization, …
AI vs AI: How cybersecurity pros can use criminals’ tools against them
For a while now, AI has played a part in cybersecurity. Now, agentic AI is taking center stage. Based on pre-programmed plans and objectives, agentic AI can make choices which …
Breaking down silos in cybersecurity
All organizations erect silos – silos between groups and departments, across functions and among technologies. Silos represent differences in practices, culture and …
Review: Resilient Cybersecurity
Resilient Cybersecurity touches on nearly every major function of enterprise cybersecurity, from threat detection and identity management to vendor risk and regulatory …
UNIDIR Intrusion Path: New framework to analyze ICT environment activities
Malicious activity in the ICT environment is growing. However, a non-technical audience often struggle to understand these threats, either because technical explanations are …
Cybersecurity jobs available right now: May 13, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. AVP, Vulnerability Management Engineer LPL Financial | …
Law enforcement takes down proxy botnets used by criminals
US and Dutch law enforcement, with the help of Lumen Technologies researchers, have disrupted 5socks and Anyproxy, two proxy-for-rent services that were used by criminals for …
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, …
Bluetooth 6.1 released, enhances privacy and power efficiency
The Bluetooth Special Interest Group has released Bluetooth 6.1, and one of the most important new features is an update to how devices manage privacy and power. The update, …
Featured news
Resources
Don't miss
- Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
- 18 arrested in €300 million global credit card fraud scheme
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform