Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI
The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE…
Category: HelpnetSecurity
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite…
A new way to think about zero trust for workloads
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue…
Heisenberg: Open-source software supply chain health check tool
Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials…
Employees keep finding new ways around company access controls
AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to…
Europe’s phone networks are drowning in fake calls
Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities…
Week in review: WSUS vulnerability exploited to drop Skuld infostealer, PoC for BIND 9 DNS flaw published
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Can your earbuds recognize you? Researchers are working on itBiometric…
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues to be exploited…
CISA and partners take action as Microsoft Exchange security risks mount
In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for…
AI chatbots are sliding toward a privacy crisis
AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data…
ImmuniWeb Continuous now enables always-on, AI-powered security testing
ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices.…
Shadow AI: New ideas emerge to tackle an old problem in new form
Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over…