Patch ToolShell SharePoint zero-day immediately, says Microsoft

Active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised. Read more »

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025‑54309)

Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using... Read more »

The Security Interviews: Jason Nurse, University of Kent

Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’... Read more »

Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks

Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws, tracked... Read more »

Meet the deepfake fraudster who applied to work at a deepfake specialist

A recruiter at voice fraud specialist Pindrop had a shock when they came face-to-face with the same deepfake job candidate not once, but twice. Hear their story and learn... Read more »

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which... Read more »

One year on from the CrowdStrike outage: What have we learned?

A year has passed since the CrowdStrike outage caused widespread disruption to enterprise IT systems and infrastructure, but what – if anything – has been learned from the situation? Read more »

How to land your first job in cybersecurity

According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder than ever... Read more »

World Health Organization CISO on securing global health emergencies

In this Help Net Security interview, Flavio Aggio, CISO at the World Health Organization (WHO), explains how the organization prepares for and responds to cyber threats during global health... Read more »

Calico: Open-source solution for Kubernetes networking, security, and observability

Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, or at the edge. The solution uses... Read more »
Subscribe to our Newsletter