Kelly Benefits data breach has impacted 550,000 people
Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses Pierluigi Paganini July 03, 2025 A data…
Month: July 2025
What CISA’s BOD 25-01 Means for API Security and How Wallarm Can Help
The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving…
Apache Seata Flaw Enables Deserialization of Untrusted Data
A newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw,…
Ethereum’s Pivotal Role in Decentralized Finance Evolution
Once upon a time, say, 2016, Ethereum was a curious new arrival in the crypto space. It promised more than digital gold. It whispered of…
Healthcare CISOs must secure more than what’s regulated
In this Help Net Security interview, Henry Jiang, CISO at Ensora Health, discusses what it really takes to make DevSecOps work in healthcare. He explains…
Surge in LNK File Weaponization by 50%, Fueling Four Major Malware Types
The weaponization of Windows shortcut (LNK) files for malware distribution has increased by an astounding 50%, according to telemetry data, with dangerous samples rising from…
StealthMACsec strengthens Ethernet network security
StealthCores launched StealthMACsec, a comprehensive IEEE 802.1AE compliant MACsec engine that brings advanced side-channel countermeasures to Ethernet network security. Building on the proven security foundation…
GitPhish: Open-source GitHub device code flow security assessment tool
GitPhish is an open-source security research tool built to replicate GitHub’s device code authentication flow. It features three core operating modes: an authentication server, automated…
ModSecurity WAF Vulnerability Enables DoS Using Empty XML Elements
A newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in…
Cyberattacks are draining millions from the hospitality industry
Every day, millions of travelers share sensitive information like passports, credit card numbers, and personal details with hotels, restaurants, and travel services. This puts pressure…
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
Jul 03, 2025Ravie LakshmananVulnerability / Network Security Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and…
Cisco Patches Critical CVE-2025-20309 Root Access Flaw
Cisco has issued a new security advisory addressing a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition…