European Vulnerability Database goes live, but who benefits?
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security…
Category: HelpnetSecurity
Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not…
Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security…
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number of customers, Ivanti has…
Product showcase: Go beyond VPNs and Tor with NymVPN
If you care about online privacy, you probably already know: Centralized VPNs and even Tor aren’t enough anymore. Traditional VPNs require you to trust a…
CISOs must speak business to earn executive trust
In this Help Net Security interview, Pritesh Parekh, VP, CISO at PagerDuty talks about how CISOs can change perceptions of their role, build influence across…
Review: Resilient Cybersecurity – Help Net Security
Resilient Cybersecurity touches on nearly every major function of enterprise cybersecurity, from threat detection and identity management to vendor risk and regulatory compliance. About the…
Breaking down silos in cybersecurity
All organizations erect silos – silos between groups and departments, across functions and among technologies. Silos represent differences in practices, culture and operations. Their presence…
UNIDIR Intrusion Path: New framework to analyze ICT environment activities
Malicious activity in the ICT environment is growing. However, a non-technical audience often struggle to understand these threats, either because technical explanations are too complex…
Law enforcement takes down proxy botnets used by criminals
US and Dutch law enforcement, with the help of Lumen researchers, have disrupted 5socks and Anyproxy, two proxy-for-rent services that were used by criminals for…
Hunted Labs Entercept combats software supply chain attacks
Hunted Labs announced Entercept, an AI-powered source code security platform that gives enterprises instant visibility into suspicious behavior from the people and code in their…
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat…