Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns …
KandyKorn macOS malware lobbed at blockchain engineers
North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain …
Microsoft launches new initiative to augment security
Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost …
New infosec products of the week: November 3, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Action1, Enzoic, Immuta, and Snappt. Immuta Discover identifies and classifies …
Healthcare’s road to redefining cybersecurity with modern solutions
The rate of data encryption following a ransomware attack in healthcare was the highest in the last three years, according to Sophos. Ransomware attacks continue to grow in …
Financial organizations embrace automation for enhanced security
The security performance of financial applications generally outperforms other industries, with automation, targeted security training, and scanning via Application …
AI is transforming financial crime compliance
While 86% of compliance, operations, risk and IT professionals at banks and non-banking financial institutions (NBFIs) surveyed said they would increase spending on AI and ML …
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)
Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …
F5 BIG-IP vulnerabilities leveraged by attackers: What to do?
The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has …
MITRE ATT&CK v14 released
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …
Cybersecurity workforce shortages: 67% report people deficits
The global cybersecurity workforce has reached 5.5 million people, an 8.7% increase from 2022, representing 440,000 new jobs, according to ISC2. While this is the highest …
How human behavior research informs security strategies
In this Help Net Security interview, Kai Roer, CEO at Praxis Security Labs, explores the theoretical underpinnings, practical implications, and the crucial role of human …
Featured news
Resources
Don't miss
- January 2026 Patch Tuesday forecast: And so it continues
- How AI agents are turning security inside-out
- Security teams are paying more attention to the energy cost of detection
- Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)
- PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258)