Help Net Security

Spanish authorities arrested five members of a criminal network responsible for laundering €460 million stolen through global cryptocurrency investment fraud schemes. Source: Europol The operation, led by the Guardia Civil with support from Europol and law enforcement in Estonia, France, and the United States, uncovered that more than 5,000 victims worldwide were defrauded. The action day led to: 5 arrests (3 on the Canary Islands and 2 in Madrid), and 5 searches (3 on the … More → The post Fraudsters behind €460 million crypto scam arrested in Spain appeared first on Help Net Security.

While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been patched earlier this month. CVE-2025-5777, in particular, has captured the attention of infosec professionals due to its similarity to CVE-2023-4966, aka CitrixBleed. Consequently, CVE-2025-5777 has been informally dubbed “CitrixBleed 2” by security researcher Kevin Beaumont. Both CitrixBleed and CitrixBleed … More → The post CitrixBleed 2 might be actively exploited (CVE-2025-5777) appeared first on Help Net Security.

Cato Networks has raised $359 million in a late-stage funding round, bringing its total valuation to $4.8 billion. The company, which provides a secure networking platform built entirely in the cloud, says the money will support its product development, AI capabilities, and global expansion. The new investment is intended to accelerate development of Cato’s AI-driven SASE (Secure Access Service Edge) platform. The company also plans to use the funds to expand its global operations and … More → The post Cato Networks raises $359 million to redefine enterprise security appeared first on Help Net Security.

Microsoft’s Threat Intelligence Center has released a new tool called RIFT to help malware analysts identify malicious code hidden in Rust binaries. While Rust is becoming more popular for its speed and memory safety, those same qualities make malware written in Rust harder to analyze. RIFT is designed to cut through that complexity and make the job easier. Overview of RIFT Static Analyzer (Source: Microsoft) Why Rust malware is hard to analyze To show the … More → The post RIFT: New open-source tool from Microsoft helps analyze Rust malware appeared first on Help Net Security.

In this Help Net Security interview, Chris McGranahan, Director of Security Architecture & Engineering at Backblaze, discusses how AI is shaping both offensive and defensive cybersecurity tactics. He talks about how AI is changing the threat landscape, the complications it brings to penetration testing, and what companies can do to stay ahead of AI-driven attacks. McGranahan also points out that human expertise remains essential, and we can’t depend on AI alone to protect cloud environments. … More → The post Are we securing AI like the rest of the cloud? appeared first on Help Net Security.

Gartner projects that by 2028, organizations enriching their Security Operations Center (SOC) data with exposure insights will reduce the frequency and impact of cyberattacks by 50%. This bold forecast underscores a crucial shift: proactive exposure management is quickly becoming foundational to modern cyber defense. Why organizations struggle to prioritize what matters Security teams are responsible for defending an organization against looming cyber threats. Needless to say, they’re inundated with data from constantly expanding attack surfaces. … More → The post How exposure-enriched SOC data can cut cyberattacks in half by 2028 appeared first on Help Net Security.

Europe is banking on AI to help solve its economic problems. Productivity is stalling, and tech adoption is slow. Global competitors, especially the U.S., are pulling ahead. A new report from Accenture says AI could help reverse that trend, but only if European companies move faster and invest more boldly. Right now, most are not. The report shows that only 8 percent of large AI investments aimed at transforming business operations have been scaled in … More → The post Europe’s AI strategy: Smart caution or missed opportunity? appeared first on Help Net Security.

In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha outlines the real-world risks, from HIPAA violations to compromised patient safety, and offers five actionable steps to manage non-human identities before they become your next breach. The post Why AI agents could be the next insider threat appeared first on Help Net Security.

Supply chain risks remain top-of-mind for the vast majority of CISOs and cybersecurity leaders, according to SecurityScorecard. Their findings reveal that the way most organizations manage supply chain cyber risk isn’t keeping pace with expanding threats. The expanding web of vendors increases supply chain cyber risks Third-party involvement in breaches has doubled, rising from 15% to nearly 30%, according to the 2025 Verizon DBIR. A small group of third-party providers supports much of the world’s … More → The post Third-party breaches double, creating ripple effects across industries appeared first on Help Net Security.

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. Breaking the … More → The post Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched appeared first on Help Net Security.