Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patch Tuesday: Microsoft fixes 5 actively exploited zero-days On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively…
Tag: Help Net Security
Cranium introduces AI red teaming platform
Cranium has launched Arena, an AI red teaming platform built to proactively test and secure AI systems across the full model and supply chain lifecycle. As artificial intelligence continues its rapid integration into enterprise infrastructure, so too does the urgency for…
CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. About CVE-2025-4664 CVE-2025-4664 stems from insufficient policy enforcement in Google Chrome’s…
Deepfake attacks could cost you more than money
In this Help Net Security interview, Camellia Chan, CEO at X-PHY, discusses the dangers of deepfakes in real-world incidents, including their use in financial fraud and political disinformation. She explains AI-driven defense strategies and recommends updating incident response plans and…
Polymorphic phishing attacks flood inboxes
AI is transforming the phishing threat landscape at a pace many security teams are struggling to match, according to Cofense. In 2024, researchers tracked one malicious email every 42 seconds. Many of the 42-second attacks were part of polymorphic phishing…
How working in a stressful environment affects cybersecurity
Stressful work environments don’t just erode morale, they can quietly undermine cybersecurity. When employees feel overworked, unsupported, or mistreated, their judgment and decision-making suffer. “From an organizational perspective, a toxic culture often leads to increased errors, missed threats, decreased productivity,…
Cybersecurity Skills Framework connects the dots between IT job roles and the practical skills needed
The Linux Foundation, in collaboration with OpenSSF and Linux Foundation Education, has released the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families. “Cybersecurity is…
New infosec products of the week: May 16, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Hunted Labs, McAfee, Obsidian Security, PentestPad, Resecurity, and SecuX. Resecurity One simplifies cybersecurity operations Resecurity One provides real-time cyber threat intelligence from multiple sources, enabling…
Proofpoint to acquire Hornetsecurity
Proofpoint has entered into a definitive agreement to acquire Hornetsecurity, a pan-European provider of AI-powered Microsoft 365 (M365) security, data protection, compliance, and security awareness services. Terms of the deal are confidential. The acquisition significantly enhances Proofpoint’s ability to provide…
Coinbase suffers data breach, gets extorted (but won’t pay)
Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US Securities and Exchange Commission (SEC). The…