News Archives – Help Net Security
Daily information security news with a focus on enterprise security.
- Researchers uncover ClickFix-themed phishing kit, by Zeljka Zorz on October 8, 2025 at 12:59 pm
Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social engineering technique. “This tool allows threat actors to create highly customizable phishing pages that mimic the challenge-response behavior of a browser verification page commonly deployed by Content Delivery Networks (CDNs) and cloud security providers to defend against automated threats. The spoofed interface is …
- North Korean hackers stole over $2 billion in cryptocurrency this year, by Zeljka Zorz on October 8, 2025 at 11:42 am
North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though this year’s record losses are driven largely by the February attack on cryptocurrency exchange Bybit ($1.46 billion stolen), the company has also linked more than thirty additional hacks to North Korea this year. “The actual figure may be even higher,” the company says. “We are aware of many other …
- Rethinking AI security architectures beyond Earth, by Mirko Zorz on October 8, 2025 at 6:00 am
If you think managing cloud security is complex, try doing it across hundreds of satellites orbiting the planet. Each one is a moving endpoint that must stay secure while communicating through long, delay-prone links. A new study explores how AI could automate security for space systems and whether the best approach is to centralize control or spread it out. Space security enters a new era: Commercial satellite constellations are changing how the space industry works. …
- DefectDojo: Open-source DevSecOps platform, by Anamarija Pogorelec on October 8, 2025 at 5:30 am
DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate findings, handle remediation, and generate reports. Whether you’re a solo security practitioner or a CISO managing multiple teams, DefectDojo helps you organize your security work and report your organization’s security posture. At its core, it functions as a bug tracker for security vulnerabilities. It is designed to collect, organize, and …
- Developing economies are falling behind in the fight against cybercrime, by Sinisa Markovic on October 8, 2025 at 5:00 am
Cybercrime is a global problem, but not every country is equally equipped to fight it. In many developing economies, cybersecurity is still seen as a luxury, something nice to have when budgets allow. That means little investment in tools, training, or talent. At the same time, limited job opportunities and high unemployment make cybercrime an appealing alternative for some. When income matters more than how it’s earned, online crime can look like an easy way …
- New system aims to keep people connected when networks fail, by Sinisa Markovic on October 8, 2025 at 4:30 am
When disaster strikes, communication often fails. Cell towers can go offline, internet connections can disappear, and people are left without a way to share information or ask for help. A new research project looks at how to keep people talking even when regular networks are gone. Researchers from the University of Zürich and the University of St. Gallen have developed a system that combines low-power radios with a smartphone app. It is designed for situations …
- Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844), by Zeljka Zorz on October 7, 2025 at 1:36 pm
Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability (CVE-2025-49844) that may allow attackers full access to the underlying host system. “This flaw allows a post auth attacker to send a specially crafted malicious Lua script (a feature supported by default in Redis) to escape from the Lua sandbox and achieve arbitrary native code execution on the Redis host,” Wiz researchers noted. …
- Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882), by Zeljka Zorz on October 7, 2025 at 11:39 am
Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle EBS instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown, as the scripts have been leaked on Telegram. CVE-2025-61882 exploit scripts analyzed: “What we have observed is that CVE-2025-61882 (…) is not ‘just’ one vulnerability. It is a poetic flow of numerous small/medium weaknesses,” watchTowr researchers Sina Kheirkhah and …
- How to get better results from bug bounty programs without wasting money, by Mirko Zorz on October 7, 2025 at 5:30 am
The wrong bug bounty strategy can flood your team with low-value reports. The right one can surface critical vulnerabilities that would otherwise slip through. A new academic study based on Google’s Vulnerability Rewards Program (VRP) offers rare data on how to tell the difference. The team behind the study included experts from Harvard, Bocconi University, Hebrew University, and Google Research. They analyzed data before and after a major change in July 2024, when Google increased …
- The architecture of lies: Bot farms are running the disinformation war, by Sinisa Markovic on October 7, 2025 at 5:00 am
Bot farms have moved into the center of information warfare, using automated accounts to manipulate public opinion, influence elections, and weaken trust in institutions. Algorithms reward noise over truth: Thales reports that in 2024, automated bot traffic made up 51% of all web traffic, the first time in a decade it has surpassed human activity online. As bots become more common and harder to tell from real users, people start to lose confidence in what …