Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Learning Kali Linux, 2nd Edition
Review: Learning Kali Linux, 2nd Edition

Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide …

AI
Why CISOs need to understand the AI tech stack

As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global …

week in review
Week in review: Microsoft fixes exploited zero-day, Mirai botnets target unpatched Wazuh servers

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) For …

Kali Linux 2025.2
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools

OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 …

mobile spyware
iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite …

Amichai Shulman
Unpacking the security complexity of no-code development platforms

In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data …

AI
What CISOs need to know about agentic AI

GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: …

Vulnerability
Security flaws in government apps go unpatched for years

78% of public sector organizations are operating with significant security debt, flaws left unaddressed for more than a year, according to Veracode. 55% are burdened with …

zero trust video
19 ways to build zero trust: NIST offers practical implementation guide

The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled …

Infosec products of the week
New infosec products of the week: June 13, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Contrast Security, Cymulate, Lemony, SpecterOps, Thales, and Vanta. Lemony mitigates …

Microsoft Entra ID
Researchers warn of ongoing Entra ID account takeover campaign

Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have …

LockBit
LockBit panel data leak shows Chinese orgs among the most targeted

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools