More results...
A critical security vulnerability (CVE-2026-2329) in Grandstream VoIP phones could let hackers remotely take full control of the devices and even intercept calls, Rapid7 researchers discovered. “The vulnerability is present in the device’s …
ESET researchers have discovered PromptSpy, the first known Android malware to abuse generative AI as part of its execution flow in order to achieve persistence. This marks the first time generative AI has been deployed in this way. Because the attacke…
On June 1, 2025, Ukraine launched a coordinated drone strike on five airfields inside Russia, disabling or destroying aircrafts. The attack involved more than 100 drones carrying explosive payloads and targeting aircraft on the ground. The drones used …
A suspected China-linked cyberespionage group has been covertly exploiting a critical zero-day flaw (CVE-2026-22769) in Dell’s RecoverPoint for Virtual Machines software since at least mid-2024, according to new research from Google’s threat intelligen…
For years, ransomware encryption functioned as the industry’s alarm bell. When systems locked up, defenders knew an attack had occurred. Not anymore. New empirical data show that attackers are actively dismantling that signal. According to Picus Securi…
Threat actors have leveraged legitimate email notification feature of Atlassian Jira to deliver localized scam emails at scale. The emails From late December 2025 through late January 2026, victims were targeted with spam emails from legitimate-looking…
Notepad++, the popular text and source code editor for Windows whose update mechanism was hijacked last year,
The post Notepad++ secures update channel in wake of supply chain compromise appeared first on Help Net Security.
Attackers often gain access through routine workflows like email logins, browser sessions, and SaaS integrations. A single stolen credential can give them a quick path to move across systems when access permissions are broad and visibility is fragmente…
Cyber threats against the defense industrial base (DIB) are intensifying, with adversaries shifting from traditional espionage toward operations designed to disrupt production capacity and compromise supply chains. In this Help Net Security interview, …
Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category of technology. Open source has become a default building block in many enviro…