The XCSSET info-stealing malware is back, targeting macOS users and devs

A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It&#8… Continue reading The XCSSET info-stealing malware is back, targeting macOS users and devs

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers com… Continue reading A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to cour… Continue reading Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

How CISOs can balance security and business agility in the cloud

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers prac… Continue reading How CISOs can balance security and business agility in the cloud

The hidden risks of a broken data provisioning system

In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change m… Continue reading The hidden risks of a broken data provisioning system

North Korean hackers spotted using ClickFix tactic to deliver malware

North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineer… Continue reading North Korean hackers spotted using ClickFix tactic to deliver malware

Sandworm APT’s initial access subgroup hits organizations accross the globe

A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically tar… Continue reading Sandworm APT’s initial access subgroup hits organizations accross the globe

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is no… Continue reading PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant overreach that threatens … Continue reading The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance