Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts
Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …
Hackers love LOTL, this approach shuts them down
Every time cyber defenders and companies discover new ways to block intrusions, attackers change their tactics and find a way around the defenses. “Living off the …
A2AS framework targets prompt injection and agentic AI security risks
AI systems are now deeply embedded in business operations, and this introduces new security risks that traditional controls are not built to handle. The newly released A2AS …
Biometric spoofing isn’t as complex as it sounds
Biometric technologies were originally designed to improve security and streamline authentication, but they’re often misused in ways most people don’t notice. Like any system, …
How to stop a single vendor breach from taking down your business
In this Help Net Security video, William Dixon, Senior Executive at Intel 471, examines the future of third-party cyber risk and why it is a growing concern for organizations …
Ransomware remains the leading cause of costly cyber claims
Cyber threats are shifting in 2025, and while large companies are still targets, attackers are turning their attention to smaller and mid-sized firms. According to Allianz’s …
CISA says it will fill the gap as federal funding for MS-ISAC dries up
The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the …
Webinar: The BAS Summit 2025: Redefining Attack Simulation through AI
Join Picus Security, SANS, Hacker Valley, and leading CISOs at The BAS Summit 2025 to learn how AI is redefining Breach and Attack Simulation (BAS) and why it’s becoming the …
Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
Western Digital has fixed a critical remote code execution vulnerability (CVE-2025-30247) in the firmware powering its My Cloud network-attached storage (NAS) devices, and has …
The hidden risks inside open-source code
Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is …
Cyber risk quantification helps CISOs secure executive support
In this Help Net Security interview, Vivien Bilquez, Global Head of Cyber Resilience at Zurich Resilience Solutions, discusses how organizations are rethinking cyber …
Your budget Android phone might be spying on you
Researchers have found that many low-cost Android devices come with pre-installed apps that have high-level access to the system. Unlike apps from the Google Play Store, many …
Featured news
Resources
Don't miss
- Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells
- Microsoft begins Secure Boot certificate update for Windows devices
- Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026
- That “summarize with AI” button might be manipulating you
- Groupe Rocher CISO on strengthening a modern retail cybersecurity strategy