Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks…
Category: HelpnetSecurity
fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for…
Balancing cybersecurity and client experience for high-net-worth clients
In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting digital…
CISOs, are you ready for cyber threats in biotech?
The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences…
Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques
Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality,…
Employees repeatedly fall for vendor email compromise attacks
In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who…
Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm?Microsoft…
Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned.…
145 criminal domains linked to BidenCash Marketplace seized
Approximately 145 darknet and conventional internet domains, along with cryptocurrency funds linked to the BidenCash marketplace, have been seized by the U.S. Attorney’s Office for…
AI becomes key player in enterprise ransomware defense
Ransomware breaches continue to rise even as fewer victims pay, according to a Delinea report. 69% of organizations globally have fallen victim to ransomware, with…
June 2025 Patch Tuesday forecast: Second time is the charm?
Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of…
Why IAM should be the starting point for AI-driven cybersecurity
In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access…