Unpatched Windows Server vulnerability allows full domain compromise
A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The…
Category: HelpnetSecurity
StackHawk raises $12 million to help security teams tackle AI-powered dev cycles
StackHawk, the shift-left API security platform, announced it has taken on $12 million in additional funding from Sapphire and Castanoa Ventures to help security teams…
Signal blocks Microsoft Recall from screenshotting conversations
Signal has released a new version of its end-to-end encrypted communication app for Windows that prevents Microsoft Recall and users from screenshotting text-based conversations happening…
CTM360 report: Ransomware exploits trust more than tech
A recent wave of ransomware attacks has disrupted major retailers across the UK. According to a new report from CTM360, the attackers didn’t need to…
The hidden gaps in your asset inventory, and how to close them
In this Help Net Security interview, Tim Grieveson, CSO at ThingsRecon, breaks down the first steps security teams should take to regain visibility, the most…
Many rush into GenAI deployments, frequently without a security net
70% percent of organizations view the pace of AI development, particularly in GenAI, as the leading security concern related to its adoption, followed by lack…
Review: CompTIA Network+ Study Guide, 6th Edition
If you’re planning to tackle the CompTIA Network+ certification (N10-009), chances are you’ve already come across the name Todd Lammle. A long-established authority in the…
Be careful what you share with GenAI tools at work
We use GenAI at work to make tasks easier, but are we aware of the risks? According to Netskope, the average organization now shares more…
Lumma Stealer Malware-as-a-Service operation disrupted
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most…
Data-stealing VS Code extensions removed from official Marketplace
Developers who specialize in writing smart (primarily Ethereum) contracts using the Solidity programming language have been targeted via malicious VS Code extensions that install malware…
Anchore SBOM tracks software supply chain issues
Anchore announced the next phase of its SBOM strategy with the release of Anchore SBOM. With the addition of Anchore SBOM, Anchore Enterprise now provides…
Strider Spark protects organizations from state-sponsored threats
Strider announced new capabilities for Spark, the company’s proprietary AI-powered intelligence engine that is transforming how organizations identify and mitigate risks associated with state-sponsored threats.…