Tag: www.infosecurity-magazine.com

The Intelligence and Security Committee has warned of Iran’s “aggressive” and “extensive” cyber capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: MPs Warn of “Significant” Iranian Cyber-Threat to UK

Read more →

Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: LLMs Fall Short in Vulnerability…

Read more →

The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods This article has been indexed from www.infosecurity-magazine.com Read the original article: Four Arrested in Connection with April UK Retail Attacks

Read more →

A new probe, opened two months after a €530m fine to TikTok, will investigate the tech giant’s storage of EU users’ data in China This article has been indexed from www.infosecurity-magazine.com Read the original article: TikTok’s Handling of EU User…

Read more →

Personal data of Nippon Steel Solutions’ customers, partners and employees may be compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: Nippon Steel IT Subsidiary Hit by “Zero-Day Attack,” Causing Data Breach

Read more →

The UK ICO has welcomed a ruling in its favor in a long-running battle to issue a fine to TikTok This article has been indexed from www.infosecurity-magazine.com Read the original article: Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer

Read more →

Qantas says nearly six million passengers were impacted by a recent data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Qantas Confirms 5.7 Million Customers Hit by Data Breach

Read more →

Nova Scotia Power revealed that a ransomware attack has prevented meters from sending energy usage data to its systems, impacting billing This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Stops Nova Scotia Power Meter Readings

Read more →

CVE-2025-47981 has the “unfortunate hallmarks of becoming a significant problem,” said WatchTowr’s CEO This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patch Tuesday: One Zero-Day and A Potential ‘Wormable’ Flaw

Read more →

The US allege that the hacker stole critical COVID-19 research from universities at the behest of the Chinese government This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft

Read more →

The addition of a backdoor to the Atomic macOS Stealer marks a pivotal shift in one of the most active macOS threats, said Moonlock This article has been indexed from www.infosecurity-magazine.com Read the original article: MacOS Infostealer AMOS Evolves with…

Read more →

M&S chairman Archie Norman provided more insights into the April ransomware attack, but did not confirm whether a payment was made to the attackers This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Chair Details Ransomware Attack,…

Read more →

Researchers from Koi Security have detected 18 malicious Chrome and Edge extensions masquerading as benign productivity and entertainment tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as…

Read more →

Check Point discovered around 500 suspected Scattered Spider phishing domains, suggesting the group is preparing to expand its targeting This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 500 Scattered Spider Phishing Domains Poised to Target Multiple…

Read more →

Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, representing a 188% annual increase This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Open Source Packages Surge 188% Annually

Read more →

The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

Read more →

China’s Hikvision vows legal battle after Canada bans its operations, citing national security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Video Surveillance Vendor Hikvision to Fight Canadian Ban

Read more →

Trend Micro has observed the Bert ransomware group in operation since April 2025, with confirmed victims in sectors including healthcare, technology and event services This article has been indexed from www.infosecurity-magazine.com Read the original article: New Bert Ransomware Group Strikes…

Read more →

Iran-aligned BladedFeline group has been observed targeting the government of Iraq and KRG with advanced malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Iran-Aligned Hacking Group Targets Middle Eastern Governments

Read more →

Vulnerability research company WatchTowr published a detection analysis for the Citrix Blled 2 flaw This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Share CitrixBleed 2 Detection Analysis After Initial Hold

Read more →

Cybersecurity researchers have observed a 156% increase in credential theft incidents between 2024 and Q1 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Target Employee Credentials Amid Spike in ID Attacks

Read more →

Qantas said it is currently validating the contact, and has informed law enforcement This article has been indexed from www.infosecurity-magazine.com Read the original article: Qantas Contacted by Potential Cybercriminal Following Data Breach

Read more →

Check Point has discovered over 1000 suspicious domains registered in the run-up to Amazon Prime Day This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of Malicious Domains Registered Ahead of Prime Day

Read more →

Distributor Ingram Micro says it has found ransomware on its internal systems This article has been indexed from www.infosecurity-magazine.com Read the original article: IT Giant Ingram Micro Reveals Ransomware Breach

Read more →

Some admins of Hunters International are now part of the encryption-less cyber extortion group World Leaks This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware: Hunters International Is Not Shutting Down, It’s Rebranding

Read more →

Taiwan warned that popular Chinese-owned apps, including TikTok and Weibo, are harvesting personal data and sending it back to servers in China This article has been indexed from www.infosecurity-magazine.com Read the original article: Taiwan Flags Chinese Apps Over Data Security…

Read more →

The EU’s Quantum Strategy includes plans to develop secure quantum communication infrastructure across the region This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Launches Plan to Implement Quantum-Secure Infrastructure

Read more →

A severe flaw identified in the Forminator WordPress plugin allows arbitrary file deletion and potential site takeover This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugin Flaw Exposes 600,000 Sites to File Deletion

Read more →

A critical Azure Machine Learning flaw allows privilege escalation, risking subscription compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: Privilege Escalation Flaw Found in Azure Machine Learning Service

Read more →

The CVE Board has launched a Consumer Working Group and a Researcher Working Group, allowing new stakeholders to shape the future of the CVE Program This article has been indexed from www.infosecurity-magazine.com Read the original article: CVE Program Launches Two…

Read more →

ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Automation and Vulnerability Exploitation Drive Mass Ransomware Breaches

Read more →

SentinelLabs observed North Korean actors deploying novel TTPs to target crypto firms, including a mix of programming languages and signal-based persistence This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Target Crypto Firms with Novel…

Read more →

Two elevation of privilege vulnerabilities have been discovered on the popular Sudo utility, affecting 30-50 million endpoints in the US alone This article has been indexed from www.infosecurity-magazine.com Read the original article: Linux Users Urged to Patch Critical Sudo CVE

Read more →

A third of AI-generated login URLs lead to incorrect or dangerous domains, according to Netcraft This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Models Mislead Users on Login URLs

Read more →

New Android malware Qwizzserial has infected 100,000 devices, primarily in Uzbekistan, stealing SMS data via Telegram distribution This article has been indexed from www.infosecurity-magazine.com Read the original article: Android SMS Stealer Infects 100,000 Devices in Uzbekistan

Read more →

The French cybersecurity agency identified Houken, a new Chinese intrusion campaign targeting various industries in France This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Target France in Ivanti Zero-Day Exploit Campaign

Read more →

The Treasury said that Aeza Group has provided infrastructure services for notorious infostealer and ransomware operators This article has been indexed from www.infosecurity-magazine.com Read the original article: US Treasury Sanctions Russian Bulletproof Hosting Service Aeza Group

Read more →

Benefits admin specialist Kelly Benefits has revealed a breach impacting over 500,000 individuals across 45 client organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Dozens of Corporates Caught in Kelly Benefits Data Breach

Read more →

Qantas admits that a “significant” volume of customer data may have been stolen from a contact center This article has been indexed from www.infosecurity-magazine.com Read the original article: Qantas Reveals “Significant” Contact Center Data Breach

Read more →

Cloudflare now blocks AI web crawlers by default, requiring permission from site owners for access This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloudflare Now Blocks AI Web Scraping by Default

Read more →

Google has patched a critical type confusion vulnerability in Chrome, the fourth zero-day fix in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Issues Emergency Patch for Fourth Chrome Zero-Day of 2025

Read more →

Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang This article has been indexed from www.infosecurity-magazine.com Read the original article: New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage

Read more →

The ICC said the new incident was the second “of its type” it has faced in recent years, relating to an espionage attack in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: International Criminal Court Hit…

Read more →

CertiK found $2.47bn in crypto was stolen in H1 2025, largely due to two major security incidents – ByBit and Cetus This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Hack Losses in First Half of 2025…

Read more →

The threat actor Sarcoma has been held responsible for a ransomware attack on a Swiss health foundation This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Strike on Swiss Health Foundation Exposes Government Data

Read more →

Interpol warns that scam centers are expanding beyond Southeast Asia This article has been indexed from www.infosecurity-magazine.com Read the original article: Scam Centers Expand Global Footprint with Trafficked Victims

Read more →

Both the US authorities and Microsoft have taken action to disrupt North Korean IT worker schemes This article has been indexed from www.infosecurity-magazine.com Read the original article: US DoJ and Microsoft Target North Korean IT Workers

Read more →

A €460m cryptocurrency fraud scheme has been disrupted by authorities, leading to five arrests in Spain This article has been indexed from www.infosecurity-magazine.com Read the original article: International Taskforce Dismantles €460m Crypto Fraud Network

Read more →

Ahold Delhaize has confirmed a cyber-attack exposed personal data of over 2.2 million individuals in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: Food Retailer Ahold Delhaize Discloses Data Breach Impacting 2.2 Million

Read more →

US Defense Industrial Base (DIB) companies are “at increased risk” of cyber-attacks from Iran-aligned hacking groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Cyber Threats Persist Despite Ceasefire, US Intelligence Warns

Read more →

The ban on Hikvision products follows a national security review under the Investment Canada Act This article has been indexed from www.infosecurity-magazine.com Read the original article: Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns

Read more →

The FBI alert comes amid several reported cyber incidents impacting North America-based airlines, including Hawaiian Airlines This article has been indexed from www.infosecurity-magazine.com Read the original article: Scattered Spider Actively Targeting Airlines, FBI Warns

Read more →

An IT worker has been jailed for launching a cyber-attack after he was suspended at work This article has been indexed from www.infosecurity-magazine.com Read the original article: IT Worker Jailed After Revenge Attack on Employer

Read more →

Glasgow City Council is alerting residents to a parking scam which could be linked to a recent cyber-incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Glasgow City Council Warns of Parking Fine Scam

Read more →

The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled This article has been indexed from www.infosecurity-magazine.com Read the original article: Hawaiian Airlines Hit by Cybersecurity Incident

Read more →

This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest This article has been indexed from www.infosecurity-magazine.com Read the original article: CitrixBleed 2 Vulnerability Exploited, Recalling Earlier CitrixBleed Fallout

Read more →

GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: MOVEit Transfer Systems Face Fresh Attack Risk Following…

Read more →

Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of MCP Servers at Risk of RCE and Data Leaks

Read more →

A patient’s death was linked to the 2024 ransomware attack on Synnovis, which disrupted NHS facilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Patient Death Linked to NHS Cyber-Attack

Read more →

The ClickFix social engineering technique has become the second most common attack vector, behind only phishing, according to ESET research This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Attacks Surge 517% in 2025

Read more →

The hackers are also suspected of being behind several cyber-attacks, including against the French Football Federation This article has been indexed from www.infosecurity-magazine.com Read the original article: French Authorities Arrest Four with Suspected Ties to Notorious BreachForums

Read more →

Interpol claims cybercrime has risen sharply in Africa with cyber-offences accounting for a “medium-to-high” share of all crime This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol Warns of Rapid Rise in Cybercrime on African Continent

Read more →

Glasgow City Council has warned of service disruption and potential data loss after a security incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Supply Chain Incident Imperils Glasgow Council Services and Data

Read more →

The threat actor used a combination of open-source and publicly available tools to establish their attack framework This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa

Read more →

NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software This article has been indexed from www.infosecurity-magazine.com Read the original article: NSA and CISA Urge Adoption of Memory Safe Languages for Safety

Read more →

Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery

Read more →

Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP GUI Input History Found Vulnerable to Weak Encryption

Read more →

NCC Group found that ransomware attacks fell for the third consecutive month in May 2025, despite a surge in incidents impacting retailers This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Dip in May Despite Persistent…

Read more →

UK ransomware victims are paying extortionists twice as much as a year ago This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Ransom Payments Double as Victims Fall Behind Global Peers

Read more →

The Common Good Cyber Fund will receive funding from the UK and Canadian governments, with further pledges from G7 nations This article has been indexed from www.infosecurity-magazine.com Read the original article: Common Good Cyber Fund Launched to Support Non-Profit Security…

Read more →

Okta says over 46% of new customer registrations are bot-driven fraud attempts This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Customer Signups Are Now Fraudulent

Read more →

A representative of NCSC-FI shared some lessons learned from a 2024 data breach affecting the Finnish capital This article has been indexed from www.infosecurity-magazine.com Read the original article: Lessons from Helsinki: NCSC-FI’s Role in Mitigating a Major Data Breach

Read more →

A long-running malware campaign targeting WordPress via a rogue plugin has been observed skimming data, stealing credentials and user profiling This article has been indexed from www.infosecurity-magazine.com Read the original article: Malware Campaign Uses Rogue WordPress Plugin to Skim Credit…

Read more →

Data breach at McLaren Health Care affecting over 743,000 individuals has been linked to a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Mclaren Health Care Data Breach Impacts Over 743,000 Patients

Read more →

Cobalt found that many security professionals believe a “strategic pause” in genAI deployment is necessary to recalibrate defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Security Pros Want GenAI Deployment Pause

Read more →

New ITRC data reveals identity crimes are down but impersonation scams now account for a third of all scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Reported Impersonation Scams Surge 148% as AI Takes Hold

Read more →

The NCSC says its Cyber Advisor program is not growing fast enough This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Urges Experts to Join Cyber Advisor Program

Read more →

Draugnet is a new anonymous threat reporting platform built for the MISP ecosystem This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Intel Pros and Hobbyists Can Now Report Threats Anonymously

Read more →

A cyber-attack by pro-Iranian group Cyber Fattah has leaked personal information from the Saudi Games online This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation

Read more →

A cyber-attack on CoinMarketCap exposed users to a fake Web3 wallet prompt, draining $43,266 from wallets This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users

Read more →

The DHS warned of a heightened risk of cyber and physical attacks on US targets by Iran in retaliation for strikes on Iranian nuclear facilities over the weekend This article has been indexed from www.infosecurity-magazine.com Read the original article: US…

Read more →

The UK government’s Cyber Essentials scheme hits 10,000 certifications for the first time in a quarter but challenges persist This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Essentials Breaks Quarterly Record for Certifications

Read more →

SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese “LapDogs” ORB Network Targets US and Asia

Read more →

The UK’s Cyber Monitoring Centre (CMC) assessed the incident as a Category 2 systemic event, based on the significant economic impact This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S and Co-op Hacks Classified as Single Cyber…

Read more →

Oxford City Council revealed that attackers accessed data of individuals who worked on Council-administered elections between 2001 and 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: Personal Data of Oxford City Council Officers Exposed

Read more →

Around half of the world’s top 100 websites have already integrated passkey support This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta To Introduce Full Passkey Support for Facebook on Mobiles

Read more →

Bridewell’s analysis of advertised UK cybersecurity roles revealed that the public sector offers one the lowest average salaries across all industries This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Gov Cybersecurity Jobs Average Salary is Under…

Read more →

A prominent expert on Russian information operations was targeted by a sophisticated spear phishing attack likely coming from Russian hackers This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia Expert Falls Prey to Elite Hackers Disguised as…

Read more →

Banana Squad exploited GitHub to distribute malicious Python code disguised as legitimate tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Banana Squad’s Stealthy GitHub Malware Campaign Targets Devs

Read more →

Doughnut maker Krispy Kreme has revealed that sensitive financial and personal data of over 160,000 individuals has been impacted following a November 2024 cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Krispy Kreme Data Breach…

Read more →

Python RAT PylangGhost, linked to Famous Chollima, targeted crypto professionals via fake job sites This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Deploy Python-Based Trojan Targeting Crypto

Read more →

Banking giant UBS revealed it had suffered a data breach following a cyber-attack on procurement service provider Chain IQ This article has been indexed from www.infosecurity-magazine.com Read the original article: UBS Employee Data Reportedly Exposed in Third Party Attack

Read more →

Cato Networks researchers demonstrated an attack leveraging Atlassian’s AI agent-enabling server This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Warn of ‘Living off AI’ Attacks After PoC Exploits Atlassian’s AI Agent Protocol

Read more →

An alleged former member of the infamous Ryuk ransomware group has been extradited to the US This article has been indexed from www.infosecurity-magazine.com Read the original article: Alleged Ryuk Initial Access Broker Extradited to the US

Read more →

Pro-Israel Predatory Sparrow Group steals $90m in crypto from Iranian exchange Nobitex This article has been indexed from www.infosecurity-magazine.com Read the original article: Israeli Hacktivists Steal and Burn $90m+ from Iranian Crypo Biz

Read more →

Two critical Linux flaws allow unprivileged users to gain root access, affecting major distributions This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Linux Flaws Discovered Allowing Root Access Exploits

Read more →

Barracuda observed a big spike in spam emails generated using AI tools, making up the majority detected in April 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Now Generates Majority of Spam and Malicious Emails

Read more →

Upgraded GodFather banking malware now uses on-device virtualization to hijack apps, enabling real-time fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: GodFather Malware Upgraded to Hijack Legitimate Mobile Apps

Read more →

ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Helps Infostealers Use MHSTA for Defense Evasion

Read more →

The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Publishes Plan to Boost Cyber…

Read more →