The hidden risks inside open-source code
Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security…
Month: September 2025
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
Sep 30, 2025Ravie LakshmananVulnerability / Linux The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line…
Industry groups worry about cyber info sharing
The US federal law that facilitates a significant portion of information sharing between the federal government and private sector is likely to expire October 1…
Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory
Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to…
New Harrods Data Breach Leaks Personal Information of 430,000 Customers
Luxury department store Harrods has become the latest victim of a significant cybersecurity incident after hackers successfully accessed personal data belonging to 430,000 customers. The prestigious London retailer…
Cyber risk quantification helps CISOs secure executive support
In this Help Net Security interview, Vivien Bilquez, Global Head of Cyber Resilience at Zurich Resilience Solutions, discusses how organizations are rethinking cyber resilience. He…
Asahi Group production impacted by cyberattack
Japanese beer and beverage giant Asahi Group Holdings has not been able to resume production at domestic factories a day after a cyberattack and cannot…
Hackers Distribute Malicious Microsoft Teams Build to Steal Remote Access
Cybersecurity researchers have identified a sophisticated campaign where threat actors are using malicious advertisements and search engine optimization poisoning to distribute fake Microsoft Teams installers…
Keeping the internet afloat: How to protect the global cable network
The resilience of the world’s submarine cable network is under new pressure from geopolitical tensions, supply chain risks, and slow repair processes. A new report…
Singtel says Optus CEO needs time to fix issues
Optus’s CEO will need more time to turn around the embattled telecom carrier, the boss of its parent Singapore Telecommunications, who is in Australia to…
DevOps1 acquires Innablr to scale up
Australian consultancy DevOps1 has acquired cloud engineering firm Innablr, marking a major step in its strategy to build a scaled local alternative to the global…
First malicious MCP server for AI found
Security researchers have spotted what they think is the world’s first malicious model context protocol (MCP) server, made available as open source on Microsoft owned…