European Windows 10 users get an additional year of free security updates
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay…
Category: HelpnetSecurity
Microsoft spots LLM-obfuscated phishing attack
Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, lookalike/fake websites, and malware. There’s even…
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active in recent years and focuses…
GenAI is exposing sensitive data at scale
Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and risky sharing practices are creating…
Secure Code Warrior gives CISOs visibility into developer AI tool usage
Secure Code Warrior has launched a beta program to expand the AI capabilities of its Trust Agent product. The new offering provides CISOs with security…
The fight to lock down drones and their supply chains
Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological capabilities, we…
Predicting DDoS attacks: How deep learning could give defenders an early warning
Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they…
$439 million recovered in global financial crime crackdown
Authorities around the world have recovered $439 million from criminals following a months-long operation led by INTERPOL. The effort, called HAECHI VI, ran from April…
New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and…
SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)
SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution.…
Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)
Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE-2025-59689…
Teleport unveils AI-powered summaries for session recordings
Teleport released AI Session Summaries, a new capability in Teleport Identity Security that enables customers to summarize insights from thousands of hours of session recordings…