Europe’s phone networks are drowning in fake calls
Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities now drive much …
Week in review: WSUS vulnerability exploited to drop Skuld infostealer, PoC for BIND 9 DNS flaw published
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on it Biometric …
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues …
CISA and partners take action as Microsoft Exchange security risks mount
In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined …
Shadow AI: New ideas emerge to tackle an old problem in new form
Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 …
AI chatbots are sliding toward a privacy crisis
AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. …
You can’t audit how AI thinks, but you can audit what it does
In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and …
Passwordless adoption moves from hype to habit
With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, …
The secret to audit success? Think like your auditor
In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for …
Infosec products of the month: October 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Akeyless, Axoflow, Blumira, Cayosoft, Confluent, Corelight, Elastic, …
WhatsApp now lets you secure chat backups with passkeys
Messaging service WhatsApp is launching passkey-encrypted chat backups for iOS and Android, allowing users to encrypt their stored message history using their face, …
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band …
Featured news
Resources
Don't miss
- Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains
- Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience
- Turning cyber metrics into decisions leaders can act on
- Teaching cybersecurity by letting students break things
- There was no data breach, Instagram says