Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and procedures…
Category: HelpnetSecurity
2025 Data Breach Investigations Report: Third-party breaches double
The exploitation of vulnerabilities has seen another year of growth as an initial access vector for breaches, reaching 20%, according to Verizon’s 2025 Data Breach…
Attackers phish OAuth codes, take over Microsoft 365 accounts
Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics…
Veeam simplifies the protection of organizations’ Microsoft Entra ID users
Veeam Software announced Veeam Data Cloud for Microsoft Entra ID. With Entra ID (formerly Azure AD) facing over 600 million attacks daily, protecting organizations’ digital…
Skyhawk Security enhances Autonomous Purple Team to secure custom cloud apps
Skyhawk Security expanded its AI-powered Autonomous Purple Team to include custom cloud applications. For the first time, organizations can preemptively and continuously secure custom cloud…
SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
By connecting powerful language models like GPT-4o and Claude Sonnet 3.5 to real-world tools, the open-source tool SWE-agent allows them to autonomously perform complex tasks:…
The dark side of YouTube: Malicious links, phishing, and deepfakes
With billions of users, YouTube has become a tempting target for cybercriminals. They post malicious links in video descriptions and comments. Some send phishing emails…
Phishing emails delivering infostealers surge 84%
Cybercriminals continued to shift to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined, according to IBM. Researchers observed an 84%…
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an…
Stellar Cyber boosts security operations with human-augmented Autonomous SOC
At the upcoming RSAC 2025 Conference in San Francisco, Stellar Cyber will unveil the next evolution of modern SecOps: the human-augmented Autonomous SOC, powered by…
What school IT admins are up against, and how to help them win
School IT admins are doing tough, important work under difficult conditions. From keeping Wi-Fi stable during exams to locking down systems from phishing emails, their…
The legal blind spot of shadow IT
Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or…