Security researchers have disclosed a critical vulnerability in the HTTP/2 protocol that could enable massive distributed denial-of-service (DDoS) attacks, potentially affecting millions of web servers worldwide. The flaw, dubbed “MadeYouReset” and assigned CVE-2025-8671, was publicly disclosed on August 13, 2025,…
Category: EN
Cyber insurance market shows early signs of maturity
The cyber insurance market is entering a new phase of evolution and showing early signs of maturity, according to recent research from Arctic Wolf. Brokers and carriers are taking on different but connected roles to help customers get policies. Brokers…
300 Million In Crypto Fraud Funds Frozen: Cybersecurity Today
Cyber Crime Crackdown: $300 Million in Crypto Frozen, FBI Accounts Hacked, and Critical Microsoft Patches Released In this episode of Cybersecurity Today, host Jim Love covers major recent events in cybercrime and cybersecurity. Over $300 million in cryptocurrency tied to…
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers
Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming the standard for how AI agents interface with real-world systems. Without a control…
Cisco Secure Firewall Vulnerability Lets Attackers Execute Remote Shell Commands
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center software that could allow unauthenticated attackers to remotely execute shell commands with elevated privileges. The flaw, tracked as CVE-2025-20265, carries a maximum CVSS score of 10.0 and…
Fighting fraud with AI: The new identity security playbook
In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in financial crime. He breaks down how fraudsters are using generative…
Employees race to build custom AI apps despite security risks
The latest Netskope findings show a 50% increase in GenAI platform usage among enterprise end-users, driven by growing employee demand for tools to develop custom AI applications and agents. Top LLM interfaces by percentage in organizations (source: Netskope) Despite an…
Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Command Injection
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remotely. The vulnerability, tracked as CVE-2025-20265 and assigned the maximum CVSS score…
New infosec products of the week: August 15, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Brivo, Envoy, Prove, Rubrik, and Trellix. Rubrik Agent Rewind enables organizations to undo mistakes made by agentic AI Agent Rewind, powered by Predibase AI infrastructure,…
Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery
Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded links to create a false sense of authenticity and urgency. This sophisticated approach represents a…