Category: HelpnetSecurity

Most critical vulnerabilities aren't worth your attention
28
Apr
2025

Most critical vulnerabilities aren’t worth your attention

Web applications face a wide range of risks, including known-exploitable vulnerabilities, supply chain attacks, and insecure identity configurations in CI/CD,…

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public
27
Apr
2025

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Released: MITRE ATT&CK v17.0, now…

Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
25
Apr
2025

Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)

Researchers have uncovered three serious vulnerabilities in Rack, a server interface used by most Ruby web app frameworks (Ruby on…

LastPass Secure Access Experiences simplifies access management
25
Apr
2025

LastPass Secure Access Experiences simplifies access management

As cloud app adoption continues to rise, and the modern workplace continues to evolve, LastPass will introduce a new approach…

BreachLock AEV simulates Real attacks to validate and prioritize exposures
25
Apr
2025

BreachLock AEV simulates Real attacks to validate and prioritize exposures

BreachLock AEV automates multistep, threat-intelligence-led attack scenarios—helping security teams uncover real exposures and prioritize what matters most. Going beyond just…

Dashlane introduces Omnix for AI-powered credential protection
25
Apr
2025

Dashlane introduces Omnix for AI-powered credential protection

Dashlane unveiled a new approach to addressing human risk in response to the rise of AI-driven phishing attacks and shadow…

25
Apr
2025

Top must-visit companies at RSAC 2025

RSAC 2025 Conference is taking place at the Moscone Center in San Francisco from April 28 – May 1. With…

Exposure validation emerges as critical cyber defense component
25
Apr
2025

Exposure validation emerges as critical cyber defense component

Organizations have implemented various aspects of threat exposure validation, including security control validation (51%) and filtering threat exposures based on…

Flexible working models fuel surge in device theft
25
Apr
2025

Flexible working models fuel surge in device theft

76% of respondents have been impacted by incidents of device theft in the past two years, with incidents more common…

13 core principles to strengthen AI cybersecurity
25
Apr
2025

13 core principles to strengthen AI cybersecurity

The new ETSI TS 104 223 specification for securing AI provides reliable and actionable cybersecurity guidance aimed at protecting end…

New infosec products of the week: April 25, 2025
25
Apr
2025

New infosec products of the week: April 25, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, PowerDMARC, Skyhawk Security, Stellar…

Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)
24
Apr
2025

Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)

If your organization is using Commvault Command Center for your data protection, backup creation, configuration and restoration needs, you should…