All Recent Posts

Help Net Security

Week in review: WSUS vulnerability exploited to drop Skuld infostealer, PoC for BIND 9 DNS flaw published

November 2, 2025 add comment
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on it Biometric authentication has moved... Read more »
Internet Security

BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

November 1, 2025 add comment
Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on unpatched Cisco IOS XE... Read more »
Internet Security

China-linked UNC6384 exploits Windows zero-day to spy on European diplomats

November 1, 2025 add comment
A China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT... Read more »
The Hacker News

Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware

November 1, 2025 add comment
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according... Read more »

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

November 1, 2025 add comment
The exploitation of a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager has been attributed to a cyber espionage group known as Tick. The vulnerability, tracked as... Read more »
The Hacker News

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

November 1, 2025 add comment
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted... Read more »
Internet Security

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

October 31, 2025 add comment
CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-2024-1086,... Read more »
Help Net Security

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

October 31, 2025 add comment
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited for attacks. “Arctic Wolf... Read more »
IT Security

European governments opt for open source alternatives to Big Tech encrypted communications

October 31, 2025 add comment
European governments are rolling out decentralised secure messaging and collaboration services as they seek to reduce their reliance on Big Tech companies Read more »
The Hacker News

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

October 31, 2025 add comment
Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks. In the... Read more »
Subscribe to our Newsletter