Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

ClickFix
Attackers upgrade ClickFix with tricks used by online stores

Attackers have taken the ClickFix technique further, with pages borrowing tricks from online sellers to pressure victims into performing the steps that will lead to a malware …

Patch Tuesday
November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?

November 2025 Patch Tuesday is now live: Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215) October 2025 Patch Tuesday was one for …

Rik Mistry
Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, …

phishing awareness
What keeps phishing training from fading over time

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year …

privacy
Old privacy laws create new risks for businesses

Businesses are increasingly being pulled into lawsuits over how they collect and share user data online. What was once the domain of large tech firms is now a widespread legal …

hospital
Hospitals are running out of excuses for weak cyber hygiene

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience …

Infosec products of the week
New infosec products of the week: November 7, 2025

Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Barracuda Networks, Bitdefender, Forescout, and Komodor. Bitdefender …

Cisco
Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)

Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass …

SonicWall
SonicWall cloud backup hack was the work of a state actor

Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored …

X
Russia-linked hackers intensify attacks as global APT activity shifts

State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity …

OpenGuardrails
OpenGuardrails: A new open-source model aims to make AI safer for real-world use

When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into …

Enterprises are losing track of the devices inside their networks

Security teams are often surprised when they discover the range and number of devices connected to their networks. The total goes far beyond what appears in agent-based …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools