All Recent Posts

Help Net Security

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

December 18, 2025 add comment
Between June 2024 and December 2025, Fortra analysts tracked a persistent business email compromise (BEC) operation that we have now classified as Scripted Sparrow. The group carries out well-crafted... Read more »
Help Net Security

Microsoft 365 users targeted in device code phishing attacks

December 18, 2025 add comment
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device... Read more »
Security of TechRepublic

Microsoft December Update Breaks Critical IIS Servers

December 18, 2025 add comment
The security updates delivered through KB5071546 have fundamentally broken Message Queuing (MSMQ) functionality across multiple Windows versions. The post Microsoft December Update Breaks Critical IIS Servers appeared first on... Read more »
Help Net Security

More than half of public vulnerabilities bypass leading WAFs

December 18, 2025 add comment
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure... Read more »
Internet Security

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

December 18, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and... Read more »
Help Net Security

Group Policy abuse reveals China-aligned espionage group targeting governments

December 18, 2025 add comment
ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as... Read more »
Internet Security

GhostPairing campaign abuses WhatsApp device linking to hijack accounts

December 18, 2025 add comment
Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a... Read more »
Security of TechRepublic

Chinese Hackers Breach Cisco’s Email Security Systems

December 18, 2025 add comment
The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. The post Chinese Hackers Breach Cisco’s Email... Read more »
Help Net Security

Concentric AI expands Private Scan Manager with Azure support for regulated industries

December 18, 2025 add comment
Concentric AI announced expanded Private Scan Manager functionality in its Semantic Intelligence data security governance platform. Customers now have the ability to deploy Semantic Intelligence within their own private... Read more »
Help Net Security

Push Security detects and blocks malicious copy-and-paste activity

December 18, 2025 add comment
Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users... Read more »
Subscribe to our Newsletter