Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has released... Read more »

Attackers exploited SonicWall SMA appliances since January 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit... Read more »

ASUS routers with AiCloud vulnerable to auth bypass exploit

ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled that could allow unauthorized execution of functions on the device. ASUS warns of an authentication bypass vulnerability,... Read more »

The Zoom attack you didn’t see coming

Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy... Read more »

U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)

CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect... Read more »

Entertainment venue management firm Legends International disclosed a data breach

Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues. Legends International is a global leader in sports and entertainment venue... Read more »

PKWARE Quantum Readiness Assessment secures data from quantum computing threats

PKWARE announced its quantum readiness assessment and encryption capabilities to help organizations protect sensitive data from quantum computing threats. Quantum computing is no longer theoretical—it is becoming a powerful reality... Read more »

The UK’s phone theft crisis is a wake-up call for digital security

Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving the... Read more »

Securing digital products under the Cyber Resilience Act

In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in... Read more »
Subscribe to our Newsletter