Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
07
Nov
2025

Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities

Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be…

Claude Desktop Hit by Critical RCE Flaws Allowing Remote Code Execution
07
Nov
2025

Claude Desktop Hit by Critical RCE Flaws Allowing Remote Code Execution

Security researchers have uncovered severe remote code execution vulnerabilities in three official Claude Desktop extensions developed and published by Anthropic….

Metrics don’t lie, but they can be misleading when they only tell IT's side of the story
07
Nov
2025

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with…

Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor
07
Nov
2025

Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor

In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The…

What keeps phishing training from fading over time
07
Nov
2025

What keeps phishing training from fading over time

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training…

DVA trials ChatGPT-based tool with 300 staff
07
Nov
2025

DVA trials ChatGPT-based tool with 300 staff

Australia’s lead veterans’ welfare department has started testing an AI chatbot in the hope of making it easier for staff…

Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware
07
Nov
2025

Sandworm Hackers Target Ukrainian Organizations With Data-Wiping Malware

Russia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical…

Hospitals are running out of excuses for weak cyber hygiene
07
Nov
2025

Hospitals are running out of excuses for weak cyber hygiene

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025…

M365 portal buckling as demand for Copilot refunds soar
07
Nov
2025

M365 portal buckling as demand for Copilot refunds soar

Microsoft is struggling to meet customer demand for refunds related to its Copilot AI agent add-on to M365 after announcing…

Amazon WorkSpaces for Linux Vulnerability Exposes Valid Auth Tokens to Attackers
07
Nov
2025

Amazon WorkSpaces for Linux Vulnerability Exposes Valid Auth Tokens to Attackers

A recently disclosed vulnerability in the Amazon WorkSpaces client for Linux exposes a critical security flaw that could allow attackers…

New infosec products of the week: November 7, 2025
07
Nov
2025

New infosec products of the week: November 7, 2025

Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Barracuda Networks, Bitdefender, Forescout,…

Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE unexpectedly
07
Nov
2025

Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE unexpectedly

A critical vulnerability in Cisco Identity Services Engine (ISE) could allow remote attackers to crash the system through a crafted…