BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework
BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, …
Only 1% of malicious emails that reach inboxes deliver malware
99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of …
Your smart home may not be as secure as you think
The Internet of Things (IoT) has become a major part of daily life. Smartphones, smart thermostats, security cameras, and other connected devices make tasks easier and improve …
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the …
Building a reasonable cyber defense program
If you do business in the United States, especially across state lines, you probably know how difficult it is to comply with U.S. state data privacy laws. The federal …
Attackers are probing Palo Alto Networks GlobalProtect portals
Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 …
Why global tensions are a cybersecurity problem for every business
With global tensions climbing, cyber attacks linked to nation-states and their allies are becoming more common, sophisticated, and destructive. For organizations, …
How to build an effective cybersecurity simulation
Most people groan at the prospect of security training. It’s typically delivered through dull online videos or uninspiring exercises that fail to capture real-world urgency. …
The human side of insider threats: People, pressure, and payback
While cybercriminals are often in the spotlight, one of the most dangerous threats to your company might be hiding in plain sight, within your own team. Employees, …
Generative AI is reshaping financial fraud. Can security keep up?
In this Help Net Security interview, Yinglian Xie, CEO at DataVisor, explains how evolving fraud tactics require adaptive, AI-driven prevention strategies. With fraudsters …
Cybersecurity jobs available right now: April 1, 2025
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Cloud Security Engineer Fexco | Ireland | Hybrid …
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who …
Featured news
Resources
Don't miss
- LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
- Training an AI agent to attack LLM applications like a real adversary
- You don’t have to choose between BAS or automated pentesting, you shouldn’t
- Why your phishing simulations aren’t building a security culture
- Your security stack looks fine from the dashboard and that’s the problem