LinkedIn expands company verification, mandates workplace checks for certain roles
LinkedIn is rolling out new verification rules to make it easier to confirm that people and companies are who they claim to be. The company will now require workplace …
macOS vulnerability allowed Keychain and iOS app decryption without a password
Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any process, even with System Integrity …
Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)
A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several …
New threat group uses custom tools to hijack search results
ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, …
Cutting through CVE noise with real-world threat signals
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall …
Attackers are turning Salesforce trust into their biggest weapon
Salesforce has become a major target for attackers in 2025, according to new WithSecure research into threats affecting customer relationship management (CRM) platforms. The …
DDoS attacks serve as instruments of political influence and disruption
In the first half of 2025, there were 8,062,971 DDoS attacks worldwide, with EMEA taking the brunt at 3.2 million attacks, according to Netscout. Peak attacks reached speeds …
Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise
Cloudflare has also been affected by the Salesloft Drift breach, the US web infrastructure and security company confirmed on Tuesday, and the attackers got their hands on 104 …
BruteForceAI: Free AI-powered login brute force tool
BruteForceAI is a penetration testing tool that uses LLMs to improve the way brute-force attacks are carried out. Instead of relying on manual setup, the tool can analyze HTML …
How gaming experience can help with a cybersecurity career
Many people might not think that playing video games could help build a career in cybersecurity. Yet the skills gained through gaming, even if they don’t seem relevant at …
Detecting danger: EASM in the modern security stack
In today’s complex threat environment, the challenge for security professionals isn’t just defeating threats, it’s finding your vulnerabilities in the first place. That’s …
Five habits of highly secure development teams
In this Help Net Security video, Brendon Collins, Principal Consultant at Optiv, explores how organizations can embed security and privacy into the software development …
Featured news
Resources
Don't miss
- RansomHub claims alleged breach of Apple partner Luxshare
- Linux users targeted by crypto thieves via hijacked apps on Snap Store
- Pro-Russian hacktivist campaigns continue against UK organizations
- Cybercriminals speak the language young people trust
- Bandit: Open-source tool designed to find security issues in Python code