Infosecurity News

  1. Interpol Dismantles SniperDz Phishing-as-a-Service Platform

    New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation

  2. Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims

    Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed

  3. New “Agentjacking” Attacks Could Hijack AI Coding Agents

    Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code

  4. Fake Software Tutorials on TikTok Spread Vidar Stealer

    Threat actors push fake free-software tutorials on TikTok and Instagram to spread Vidar stealer

  5. New SilabRAT Trojan Hijacks Sessions to Steal Crypto

    MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto

  6. Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks

    Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats

  7. New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces

    Anthropic unveils Claude Mythos 5 and Fable 5, a restricted-access frontier AI model and guardrailed version for everyone to use

  8. Over a Quarter of Identity Crime Victims Hit by Multiple Incidents, ITRC Data Shows

    Nearly 26% of identity crime victims faced multiple incidents in the past year, as ITRC warns of a growing "multi-layered crisis"

  9. Microsoft Fixes 200 CVEs in June Patch Tuesday

    Microsoft has patched 200 vulnerabilities including three zero-days

  10. 75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds

    Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip

  11. AI Coding Adoption Hits 97% but Governance Lags Behind

    Most dev teams use AI coding assistants but only 30% have full governance in place

  12. Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request

    Critical phpBB authentication bypass lets attackers hijack any account with one request

  13. Google Releases Patch for Chrome Vulnerability Exploited in the Wild

    The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page

  14. Check Point Warns Critical Auth Bypass Bug Exploited in the Wild

    Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin

  15. Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack

    Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover revealed why he wanted over 30,000 employees to change their passwords in the immediate aftermath of the incident

  16. WhatsApp Discovers NSO Group-Linked Spearphishing Attempts

    Meta’s WhatsApp demands contempt ruling after users report NSO Group-linked phishing

  17. North Korean Hackers Use Fake Coding Tasks to Steal Crypto

    North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto

  18. OpenAI Unveils ChatGPT Account Security Controls

    OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft

  19. Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns

    At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture

  20. Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

Why Not Watch?

  1. Building True Cyber Resilience Across Financial Supply Chains

  2. How To Enhance Security Operations with AI-Powered Defenses

  3. How Trusted Time Strengthens Network Security

  4. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

What’s Hot on Infosecurity Magazine?