Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Adopting a counterintelligence mindset in luxury logistics
In this Help Net Security interview, Andrea Succi, Group CISO at Ferrari Group, discusses how cybersecurity is integrated into every aspect of the logistics industry. He explains why protecting data can be as critical as securing physical assets and how a layered defense approach helps safeguard both. Succi adds that awareness, collaboration, and resilience keep client trust and operations consistent.
Wi-Fi signals may hold the key to touchless access control
Imagine walking into a secure building where the door unlocks the moment your hand hovers near it. No keycards, no PINs, no fingerprints. Instead, the system identifies you by the way your palm distorts the surrounding Wi-Fi signal. That is the idea behind a new study from researchers at the Aeronautics Institute of Technology (ITA) in Brazil.
To get funding, CISOs are mastering the language of money
In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler explains how organizations are reallocating funds, measuring ROI, and linking cybersecurity plans to business goals.
When every day is threat assessment day
In this Help Net Security interview, Paul J. Mocarski, VP & CISO at Sammons Financial Group, discusses how insurance carriers are adapting their cybersecurity strategies. He explains how ongoing threat assessments, AI-driven automation, and third-party risk management help maintain readiness.
Healthcare security is broken because its systems can’t talk to each other
In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With hospitals, clinics, telehealth, and cloud partners all in the mix, maintaining visibility remains a complex task. Kracke shares how interoperability, collaboration, and strategic investment can strengthen resilience across the healthcare security landscape.
Why your security strategy is failing before it even starts
In this Help Net Security interview, Adnan Ahmed, CISO at Ornua, discusses how organizations can build a cybersecurity strategy that aligns with business goals. He explains why many companies stumble by focusing on technology before understanding risk and shares how embedding cybersecurity across the business helps build resilience.
Attackers exploited another Gladinet Triofox vulnerability (CVE-2025-12480)
Attackers have exploited yet another vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform, Mandiant revealed on Monday.
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the start of December.
Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)
Microsoft has delivered a rather light load of patches for November 2025 Patch Tuesday: some 60+ vulnerabilities have received a fix, among them an actively exploited Windows Kernel flaw (CVE-2025-62215).
UK’s new Cyber Security and Resilience Bill targets weak links in critical services
The UK government has introduced the Cyber Security and Resilience Bill, a major piece of legislation designed to boost the country’s protection against cyber threats. The new law aims to strengthen the digital defenses of essential public services and update the ageing Network and Information Systems (NIS) Regulations 2018, the UK’s only cross-sector cyber security law.
Rhadamanthys infostealer operation disrupted by law enforcement
The rumors were true: Operation Endgame, a joint effort between law enforcement and judicial authorities of several European countries, Australia, Canada, the UK and the US, has disrupted the infrastructure supporting the operation of the Rhadamanthys infostealer.
“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)
CISA has ordered US federal agencies to fully address two actively exploited vulnerabilities (CVE-2025-20333, CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) and Firepower firewalls.
Fake spam filter alerts are hitting inboxes
A new phishing campaign is attempting to trick users into believing they’ve missed important emails, security researchers are warning. The bogus email alerts look like they are coming from the recipient’s email domain, and falsely claim that due to a “Secure Message system” upgrade, important messages have been blocked.
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn
A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on vulnerable, internet-facing devices.
Shadow AI risk: Navigating the growing threat of ungoverned AI adoption
AI is transforming how businesses operate, but it’s also creating new, often hidden risks. As employees and business units eagerly embrace and experiment with AI solutions, many organizations are losing control over where and how AI is being used. A new threat is emerging: shadow AI. This unsanctioned use of AI tools without oversight from IT or security teams has quickly become a top concern for CISOs.
How to adopt AI security tools without losing control
In this Help Net Security video, Josh Harguess, CTO of Fire Mountain Labs, explains how to evaluate, deploy, and govern AI-driven security tools. He talks about the growing role of AI in security operations and the new kinds of risks it brings.
sqlmap: Open-source SQL injection and database takeover tool
Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws and can take over database servers when configured to do so.
CISOs are cracking under pressure
Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and growing pressure from their boards. The pressures are so intense that many say they are burned out and thinking about walking away.
How far can police push privacy before it breaks
Police use drones, body cameras, and license plate readers as part of their daily work. Supporters say these tools make communities safer. Critics see something different, a system that collects too much data and opens the door to abuse. When surveillance expands without public oversight, civil liberties start to slip away, especially for people who already face bias and discrimination.
ProxyBridge: Open-source proxy routing for Windows applications
ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a per-application basis.
Autonomous AI could challenge how we define criminal behavior
Whether we ever build AI that thinks like a person is still uncertain. What seems more realistic is a future with more independent machines. These systems already work across many industries and digital environments. Alongside human-to-human and human-to-machine contact, communication between machines is growing fast. Criminology should start to look at what this shift means for crime and social control.
Google adds Emerging Threats Center to speed detection and response
When a new vulnerability hits the news, security teams often scramble to find out if they are at risk. The process of answering that question can take days or weeks, involving manual research, rule-writing, and testing. Google Security Operations wants to close that window with its new Emerging Threats Center, designed to help teams understand their exposure and detection coverage in near real time.
Sprout: Open-source bootloader built for speed and security
Sprout is an open-source bootloader that delivers sub-second boot times and uses a clean, data-driven configuration format that works across operating systems.
Wanna bet? Scammers are playing the odds better than you are
Placing a bet has never been this easy, and that’s the problem. The convenience of online gambling is the same thing scammers are cashing in on. Whether it’s a fake app, a “can’t-miss” tipster, or a rigged casino, the game is stacked against you.
Los Alamos researchers warn AI may upend national security
For decades, the United States has built its defense posture around predictable timelines for technological progress. That assumption no longer holds, according to researchers at Los Alamos National Laboratory. Their paper argues that AI is advancing so quickly that the current defense system cannot adapt in time.
Protecting mobile privacy in real time with predictive adversarial defense
Mobile sensors are everywhere, quietly recording how users move, tilt, or hold their phones. The same data that powers step counters and activity trackers can also expose personal details such as gender, age, or even identity. A new study introduces a method designed to stop that information from being inferred in the first place, without interrupting the phone’s normal functions.
AI is rewriting how software is built and secured
AI has become part of everyday software development, shaping how code is written and how fast products reach users. A new report from Cycode, The 2026 State of Product Security for the AI Era, explores how deeply AI now runs through development pipelines and how security teams are trying to manage the risks that come with it.
Hidden risks in the financial sector’s supply chain
When a cyber attack hits a major bank or trading platform, attention usually turns to the institution. But new research suggests the real danger may lie elsewhere. BitSight researchers found that many of the technology providers serving the financial sector have weaker cybersecurity performance than the institutions they support.
GNU Coreutils 9.9 brings fixes and updates across essential tools
GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest release, version 9.9, refines these tools with fixes and performance improvements.
What the latest data reveals about hard drive reliability
What really counts as a hard drive failure? That’s the question at the center of Backblaze’s Q3 2025 Drive Stats report, which tracks the performance of 328,348 hard drives across its global data centers. The latest findings build on more than a decade of data that has made Backblaze one of the most transparent sources on drive reliability for IT teams, researchers, and data professionals.
AI is forcing boards to rethink how they govern security
Boards are spending more time on cybersecurity but still struggle to show how investments improve business performance. The focus has shifted from whether to fund protection to how to measure its return and ensure it supports growth.
The browser is eating your security stack
Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security Report by LayerX, that blind spot has turned into a major risk surface for data loss, identity theft, and AI misuse.
Automation can’t fix broken security basics
Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why Basic Security Still Fails report. Leadership often focuses on broad resilience goals while the day-to-day work that supports them remains inconsistent and underfunded.
What happens when employees take control of AI
Executives may debate AI strategy, but many of the advances are happening at the employee level. A recent Moveworks study shows that AI adoption is being led from the ground up, with employees, not senior leaders, driving the change.
Download: Strengthening Identity Security whitepaper
Identity threats are escalating. Attackers increasingly exploit compromised credentials, often undetected by organizations, and use social engineering to gain access. Most companies lack visibility into service account activity and don’t have the tools to detect identity-led threats.
Cybersecurity jobs available right now: November 11, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the week: November 14, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Action1, Avast, Cyware, Firewalla, and Nokod Security.