Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Salesloft Drift data breach: Investigation reveals how attackers got in
The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed.
Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers
Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers.
Cybersecurity research is getting new ethics rules, here’s what you need to know
Top cybersecurity conferences are introducing new rules that require researchers to formally address ethics in their work.
CISA looks to partners to shore up the future of the CVE Program
The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program.
Connected cars are racing ahead, but security is stuck in neutral
Connected cars are already on Europe’s roads, loaded with software, sensors, and constant data connections. Drivers love the features these vehicles bring, from remote apps to smart navigation, but each new connection also opens a door to potential cyber risks.
Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal
Nearly 500 scientists and researchers have signed an open letter warning that the latest version of the EU’s Chat Control Proposal would weaken digital security while failing to deliver meaningful protection for children.
AI agents are here, now comes the hard part for CISOs
AI agents are being deployed inside enterprises today to handle tasks across security operations. This shift creates new opportunities for security teams but also introduces new risks.
Your heartbeat could reveal your identity, even in anonymized datasets
A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising questions about how health data is protected and shared.
How attackers weaponize communications networks
In this Help Net Security interview, Gregory Richardson, Vice President, Advisory CISO Worldwide, at BlackBerry, talks about the growing risks to communications networks. He explains why attackers focus on these networks and how their motivations range from corporate espionage to geopolitical influence.
When typing becomes tracking: Study reveals widespread silent keystroke interception
You type your email address into a website form but never hit submit. Hours later, a marketing email shows up in your inbox. According to new research, that is not a coincidence.
Ransomware, vendor outages, and AI attacks are hitting harder in 2025
Ransomware, third-party disruptions, and the rise of AI-powered attacks are reshaping the cyber risk landscape in 2025.
Fake npm 2FA reset email led to compromise of popular code packages
Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account.
Plex tells users to change passwords due to data breach, pushes server owners to upgrade
Media streaming company Plex has suffered a data breach and is urging users to reset their account password and enable two-factor authentication.
Automated network pentesting uncovers what traditional tests missed
Most organizations run an annual network penetration test, remediate the issues it uncovers, and move on. But attackers are probing networks every day, using publicly available tools to exploit common misconfigurations and overlooked vulnerabilities.
Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday
On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited.
Default Cursor setting can be exploited to run malicious code on developers’ machines
An out-of-the-box setting in Cursor, a popular AI source-code editor, could be leveraged by attackers to covertly run malicious code on users’ computers, researchers have warned.
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it.
Attackers test the limits of railway cybersecurity
Railway systems are the lifeblood of many economies, supporting everything from daily passenger transport to military and industrial operations, so the question arises: how secure are they from a cybersecurity perspective?
Deepfakes are rewriting the rules of geopolitics
Deception and media manipulation have always been part of warfare, but AI has taken them to a new level.
Attackers are coming for drug formulas and patient data
In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals.
Cyber defense cannot be democratized
The democratization of AI has fundamentally lowered the barrier for threat actors, creating a bigger pool of people who can carry out sophisticated attacks. The so-called democratization of security, on the other hand, has resulted in chaos.
Fixing silent failures in security controls with adversarial exposure validation
Organizations often operate as if their security controls are fully effective simply because they’re deployed, configured, and monitored. Firewalls are in place, endpoints are protected, and SIEM rules are running. All good, right? Not so fast. Appearances can be deceiving. And deception can be devastating.
Signal adds secure backup option for chat history
Losing a phone can mean losing years of conversations. Signal is rolling out a new secure backup feature to help users keep their messages safe without giving up privacy.
Are we headed for an AI culture war?
In this Help Net Security video, Matt Fangman, Field CTO at SailPoint, discusses whether an AI culture war is inevitable.
The state of DMARC adoption: What 10M domains reveal
In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains.
AI moves fast, but data security must move faster
Generative AI is showing up everywhere in the enterprise, from customer service chatbots to marketing campaigns. It promises speed and innovation, but it also brings new and unfamiliar security risks.
Identity management was hard, AI made it harder
Identity security is becoming a core part of cybersecurity operations, but many organizations are falling behind. A new report from SailPoint shows that as AI-driven identities and machine accounts grow, most security teams are not prepared to manage them at scale.
Employees keep feeding AI tools secrets they can’t take back
Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are missing basic safeguards to manage this data.
CISOs, stop chasing vulnerabilities and start managing human risk
Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security’s 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws.
Download: Cyber defense guide for the financial sector
Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s cybersecurity, you must contend with evolving regulatory obligations, outdated IT infrastructure, and other challenges.
Garak: Open-source LLM vulnerability scanner
LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses.
InterceptSuite: Open-source network traffic interception tool
InterceptSuite is an open-source, cross-platform network traffic interception tool designed for TLS/SSL inspection, analysis, and manipulation at the network level.
Cybersecurity jobs available right now: September 9, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the week: September 12, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Cynomi, DataLocker, Gigamon, Lookout, and Relyance AI.
Source link
