More results...
Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. “Google is aware that an exploit for CVE-2025-10585 exists in the wild,” …
In this Help Net Security interview, Daniel Stenberg, lead developer od cURL, discusses how the widely used tool remains secure across billions of devices, from cloud services to IoT. He shares insights into cURL’s decades-long journey of testing, revi…
Today’s SOCs face an impossible equation: too much noise, too many gaps, and too few hands. Detection coverage gaps leave companies exposed, false positives overwhelm analysts, manual investigations eat up valuable hours from the most expensive assets …
Despite having been discovered and reported in 2014, the vulnerability that allows pixie dust attacks still impacts consumer and SOHO networking equipment around the world, Netrise researchers have confirmed. WPS and the pixie dust attack Wi-Fi Protect…
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites asso…
Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial environment. Why traditional honeypots fall short Honeypots are systems designed to att…
In this Help Net Security interview, Marco Goldberg, Managing Director at EQS Group, discusses how compliance and regulation are evolving worldwide. He talks about how organizations can stay compliant with international rules while keeping their system…
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI catchers or Stingrays, mimic cell towers to trick phones into connecting so they ca…
In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity teams. He explores how advanced AI agents and sophisticated bots blur the line be…
A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The worm has been dubbed “Shai-hulud” as it steals credentials from …