Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that... Read more »

BlackSuit ransomware payment recovered in takedown operation

US authorities reveal how over a million dollars’ worth of cryptocurrency assets laundered by the BlackSuit ransomware gang were seized ahead of a July takedown operation Read more »

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information... Read more »

Charon Ransomware targets Middle East with APT attack methods

New Charon ransomware targets Middle East public sector and aviation, using APT-style tactics, EDR evasion, and victim-specific ransom notes. Cybersecurity researchers have discovered a new campaign that employs a... Read more »

What the UK’s ransomware crackdown signals for Europe

The UK government is forging a bold path as it aims to ban ransomware payments from certain organisations. Its actions could herald an inflexion point in Europe’s broader response... Read more »

What is security theater?

Security theater refers to highly visible security measures that create the illusion of increased safety but don’t stop threats. Read more »

What is governance, risk and compliance (GRC)?

Governance, risk and compliance (GRC) refers to an organization’s strategy, or framework, for handling the interdependencies of the following three components: corporate governance policies, enterprise risk management programs, and... Read more »

WinRAR Zero-Day Exploited by Russian-Linked Hackers RomCom and Paper Werewolf

Older WinRAR versions let malicious archives override the user-specified path via crafted archives, enabling stealthy system compromise. Read more »

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

Hackers leaked 2.8M sensitive records from Allianz Life, exposing data on business partners and customers in ongoing Salesforce data theft attacks. Hackers leaked 2.8 million sensitive records of US... Read more »

AWS CISO explains how cloud-native security scales with your business

In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She... Read more »
Subscribe to our Newsletter