Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
April 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 120+ vulnerabilities, including a zero-day (CVE-2025-29824) that’s under active attack.
WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)
WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11.
CISOs battle security platform fatigue
It starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens of products across teams, each with its own dashboard, alerts, and licensing headaches.
Trump orders revocation of security clearances for Chris Krebs, SentinelOne
US President Donald Trump has signed an Executive Order on Wednesday to revoke security clearance held by Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency (CISA), and his colleagues at SentinelOne.
Why CISOs are doubling down on cyber crisis simulations
Cyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that readiness.
FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)
Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices.
Why security culture is crypto’s strongest asset
In this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, and securing both hot and cold wallets.
WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401)
WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code.
Transforming cybersecurity into a strategic business enabler
In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the organization, and approaching third-party risk with agility.
RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)
A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday.
Observability is security’s way back into the cloud conversation
In this Help Net Security interview, Esteban Gutierrez, CISO and VP of Information Security at New Relic, discusses how the adoption of cloud infrastructure is outpacing security readiness.
The shift to identity-first security and why it matters
In this Help Net Security interview, Arun Shrestha, CEO at BeyondID, discusses how AI is transforming secure access management for both attackers and defenders.
How to find out if your AI vendor is a security risk
One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks for a summary. Just like that, confidential information is ingested into a third-party model beyond your control.
Review: The Ultimate Kali Linux Book, Third Edition
Packed with real-world scenarios, hands-on techniques, and insights into widely used tools, the third edition of the bestselling Ultimate Kali Linux Book offers a practical path to learning penetration testing with Kali Linux.
Excessive agency in LLMs: The growing risk of unchecked autonomy
For an AI agent to “think” and act autonomously, it must be granted agency; that is, it must be allowed to integrate with other systems, read and analyze data, and have permissions to execute commands.
APTRS: Open-source automated penetration testing reporting system
APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports.
The rise of compromised LLM attacks
In this Help Net Security video, Sohrob Kazerounian, Distinguished AI Researcher at Vectra AI, discusses how the ongoing rapid adoption of LLM-based applications has already introduced new cybersecurity risks.
YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection
YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS.
OpenSSL prepares for a quantum future with 3.5.0 release
The OpenSSL Project has released version 3.5.0 of its widely used open-source cryptographic library, introducing new features and notable changes that signal its evolution toward future-ready cryptography.
Phishing, fraud, and the financial sector’s crisis of trust
The financial sector is under growing pressure from advanced phishing attacks and fraud, causing major financial losses and eroding customer trust.
Cyberattacks on water and power utilities threaten public safety
62% of utility operators were targeted by cyberattacks in the past year, and of those, 80% were attacked multiple times, according to Semperis.
From likes to leaks: How social media presence impacts corporate security
From a psychological standpoint, we all crave attention, and likes and comments fuel that need, encouraging us to share even more on social media.
Why remote work is a security minefield (and what you can do about it)
Remote work is seen as more than a temporary solution, it’s a long-term strategy for many organizations.
Cybersecurity jobs available right now: April 8, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
11 cyber defense tips to stay secure at work and home
Cybersecurity is inextricably tied to the technology it protects. Just as technology continues to grow in variety, quantity, and presence in all of our lives, so too does cybersecurity and our personal responsibility for it.
Enzoic AD Lite Password Audit Report
Enzoic for AD Lite Password Auditor is an innovative tool designed to integrate with an organization’s Active Directory environment seamlessly.
New infosec products of the week: April 11, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Forescout, Index Engines, Jit, RunSafe Security, and Seal Security.