Cisco email security appliances rooted and backdoored via still unpatched zero-day
A suspected Chinese-nexus threat group has been compromising Cisco email security devices and planting backdoors and log-purging tools on them since at least late November …
Actively exploited SonicWall zero-day patched (CVE-2025-40602)
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the …
Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved …
Why vulnerability reports stall inside shared hosting companies
Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what …
Banks built rules for yesterday’s crime and RegTech is trying to fix that
Criminals are moving money across borders faster, and financial institutions are feeling the squeeze. Compliance teams feel this strain every day as they try to keep up with …
Zabbix: Open-source IT and OT observability solution
Zabbix is an open source monitoring platform designed to track the availability, performance, and integrity of IT environments. It monitors networks along with servers, …
How exposure management changes cyber defense
In this Help Net Security video, Larry Slusser, VP of Strategy at SixMap, explains why endpoint detection and response is only part of the security story. Drawing on his work …
AI breaks the old security playbook
AI has moved into enterprise operations faster than many security programs expected. It is embedded in workflows, physical systems, and core infrastructure. Some AI tools …
European police busts Ukraine scam call centers
Law enforcement agencies from several European countries have arrested twelve persons suspected of being involved in scamming victims across Europe, Eurojust announced today. …
SoundCloud breached, hit by DoS attacks
Audio streaming service SoundCloud has suffered a breach and has been repeatedly hit by denial of service attacks, the company confirmed on Monday. In the days leading up to …
Ro’s CISO on managing data flows in telehealth
In this Help Net Security interview, Scott Bachand, CIO/CISO at Ro, discusses how telehealth reshapes the flow of patient data and what that means for security. He explains …
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked …
Featured news
Resources
Don't miss
- Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
- Why vulnerability reports stall inside shared hosting companies
- Zabbix: Open-source IT and OT observability solution
- How exposure management changes cyber defense
- European police busts Ukraine scam call centers