Security News > 2025 > March

A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised...

Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity...

The growth of AI-based technology has introduced new challenges, making remote identity verification systems more vulnerable to attacks, according to iProov. Innovative and easily accessible tools...

On Monday, the United Kingdom's privacy watchdog announced that it is investigating TikTok, Reddit, and Imgur because of privacy concerns about how they are processing children's data. [...]

Ghost positions, HR AI no help – biz should talk to infosec staff and create 'realistic' job outline, say experts Analysis It's a familiar refrain in the security industry that there is a massive...

In this Help Net Security video, Tim Morris, Chief Security Advisor at Tanium, shares practical best practices to help organizations balance innovation and security while leveraging AI. Morris...

​Microsoft says a coding issue is behind a now-resolved Microsoft 365 outage over the weekend that affected Outlook and Exchange Online authentication. [...]

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The...

The U.K.'s Information Commissioner's Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the...

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager's BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day...