Security News > 2025 > April

Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they...

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. [...]

A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade...

CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security...

MITRE, EUVD, GCVE … WTF? Comment The splintering of the global system for identifying and tracking security bugs in technology products has begun.…

Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot...

Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and...

Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving the £50 million trade....

In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in terms of regulatory...

Should we negotiate? Should we pay? These are the questions every organization faces when cybercriminals lock their data. By the time attackers have encrypted your systems, the focus shifts from...