Author: PulauWin

Help Net Security

Crypto theft in 2025: North Korean hackers continue to dominate

December 18, 2025 add comment
When they strike cryptocurrency-related targets, North Korean hacking groups are increasingly aiming for large services where a single breach can move serious money, a new Chainalysis report on crypto... Read more »
Help Net Security

Apiiro unveils AI SAST built on deep code analysis to eliminate false positives

December 18, 2025 add comment
Apiiro introduced Apiiro AI SAST, a new approach to static application security testing (SAST) that automates code risk detection, validation and fixes with the precision and cognitive process of... Read more »
Help Net Security

AppGate extends zero trust to secure AI workloads with Agentic AI Core Protection

December 18, 2025 add comment
AppGate announced the launch of Agentic AI Core Protection, a new capability within AppGate ZTNA designed to secure AI workloads deployed in enterprise core environments across on-prem and cloud... Read more »
Help Net Security

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

December 18, 2025 add comment
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted... Read more »
Help Net Security

Microsoft 365 users targeted in device code phishing attacks

December 18, 2025 add comment
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device... Read more »
Security of TechRepublic

Microsoft December Update Breaks Critical IIS Servers

December 18, 2025 add comment
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft December Update Breaks Critical IIS Servers appeared first on... Read more »
Help Net Security

More than half of public vulnerabilities bypass leading WAFs

December 18, 2025 add comment
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure... Read more »
Internet Security

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

December 18, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and... Read more »
Help Net Security

Group Policy abuse reveals China-aligned espionage group targeting governments

December 18, 2025 add comment
ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as... Read more »
Internet Security

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

December 18, 2025 add comment
Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a... Read more »
Subscribe to our Newsletter