North Korean hackers stole over $2 billion in cryptocurrency this year
North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet.…
Category: HelpnetSecurity
Researchers uncover ClickFix-themed phishing kit
Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware…
Radiflow360 unifies OT risk, compliance, and response
Radiflow has launched the new Radiflow360, a unified, AI-enhanced OT cybersecurity platform that delivers visibility, risk management and streamlined incident response for mid-sized industrial enterprises.…
Rethinking AI security architectures beyond Earth
If you think managing cloud security is complex, try doing it across hundreds of satellites orbiting the planet. Each one is a moving endpoint that…
DefectDojo: Open-source DevSecOps platform – Help Net Security
DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate…
Developing economies are falling behind in the fight against cybercrime
Cybercrime is a global problem, but not every country is equally equipped to fight it. In many developing economies, cybersecurity is still seen as a…
New system aims to keep people connected when networks fail
When disaster strikes, communication often fails. Cell towers can go offline, internet connections can disappear, and people are left without a way to share information…
Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability (CVE-2025-49844) that may…
OPSWAT’s MetaDefender Drive delivers portable, network-free threat scanning
OPSWAT launched MetaDefender Drive with Smart Touch, a portable cybersecurity device designed for malware and compliance scanning of transient cyber assets regardless of network connectivity.…
Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p…
How to get better results from bug bounty programs without wasting money
The wrong bug bounty strategy can flood your team with low-value reports. The right one can surface critical vulnerabilities that would otherwise slip through. A…
The architecture of lies: Bot farms are running the disinformation war
Bot farms have moved into the center of information warfare, using automated accounts to manipulate public opinion, influence elections, and weaken trust in institutions. Algorithms…