Category: HelpnetSecurity

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
05
Sep
2025

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)

A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”,…

September 2025 Patch Tuesday forecast: The CVE matrix
05
Sep
2025

September 2025 Patch Tuesday forecast: The CVE matrix

We work in an industry driven by Common Vulnerabilities and Exposures (CVE). Each security update released by myriad vendors addresses…

How to reclaim control over your online shopping data
05
Sep
2025

How to reclaim control over your online shopping data

Online shopping is convenient, saves time, and everything is just a click away. But how often do we stop to…

Smart ways CISOs can do more with less
05
Sep
2025

Smart ways CISOs can do more with less

In this Help Net Security video, Jill Knesek, CISO at BlackLine, shares practical strategies for CISOs navigating tighter budgets. From…

Connected cars are smart, convenient, and open to cyberattacks
05
Sep
2025

Connected cars are smart, convenient, and open to cyberattacks

Consumers are concerned about vulnerabilities in their vehicles, which directly impacts purchasing behavior and brand loyalty, according to RunSafe Security….

Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
04
Sep
2025

Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)

Google has provided fixes for over 100 Android vulnerabilities, including CVE-2025-48543 and CVE-2025-38352, which “may be under limited, targeted exploitation.”…

macOS vulnerability allowed Keychain and iOS app decryption without a password
04
Sep
2025

macOS vulnerability allowed Keychain and iOS app decryption without a password

Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any…

LinkedIn expands company verification, mandates workplace checks for certain roles
04
Sep
2025

LinkedIn expands company verification, mandates workplace checks for certain roles

LinkedIn is rolling out new verification rules to make it easier to confirm that people and companies are who they…

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)
04
Sep
2025

Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises…

New threat group uses custom tools to hijack search results
04
Sep
2025

New threat group uses custom tools to hijack search results

ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65…

DDoS attacks serve as instruments of political influence and disruption
04
Sep
2025

DDoS attacks serve as instruments of political influence and disruption

In the first half of 2025, there were 8,062,971 DDoS attacks worldwide, with EMEA taking the brunt at 3.2 million…

Cutting through CVE noise with real-world threat signals
04
Sep
2025

Cutting through CVE noise with real-world threat signals

CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only…