Infosecurity News

  1. 86% Surge in Fake Delivery Websites Hits Shoppers During Holiday Rush

    NordVPN has warned that malicious postal service websites have surged by 86% over the past month, targeting holiday delivery tracking

  2. Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access

    Open-source server monitoring tool, Nezha, is being exploited by attackers for remote system control

  3. UK: NHS Supplier Confirms Cyber-Attack, Operations Unaffected

    DXS International, an official partner of NHS England, said the breach has not affected its operations

  4. Nefilim Ransomware Affiliate Pleads Guilty

    A Ukrainian man has pleaded guilty to charges connecting him to Nefilim ransomware attacks

  5. Scripted Sparrow Sends Millions of BEC Emails Each Month

    Fortra has uncovered a prolific BEC group dubbed “Scripted Sparrow” spanning three continents and at least five countries

  6. Denmark Blames Russia for "Destructive" Cyber-Attacks

    The Danish intelligence service believes some pro-Russian hacktivist groups have links with the Kremlin

  7. US Charges 54 in Massive ATM Jackpotting Conspiracy

    The US has charged 54 individuals in a massive ATM jackpotting conspiracy linked to Venezuelan crime syndicate Tren de Aragua, accused of stealing millions

  8. FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime

    A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies

  9. OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

    A surge in phishing attacks exploiting Microsoft’s OAuth device code flow has been identified by Proofpoint

  10. North Korea Steals Over $2bn in Crypto in 2025

    Chainalysis warns North Korea continues to steal billions in crypto for its weapons program

  11. New BeaverTail Malware Variant Linked to Lazarus Group

    A new variant of the BeaverTail malware linked to North Korean hackers has been identified targeting cryptocurrency traders and developers

  12. HMRC Warns of Over 135,000 Scam Reports

    The UK’s tax office has received 135,500 reports of suspected scams in the past 10 months including 4800 related to self assessment filings

  13. Motors WordPress Vulnerability Exposes Sites to Takeover

    A critical flaw in the Motors WordPress theme affecting more than 20,000 installations allows low-privileged users to gain full control of websites

  14. New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

    A novel attack technique dubbed ”Lies-in-the-Loop” (LITL) has been observed manipulating human approval prompts in agentic AI systems

  15. ISACA Named Global Credentialing Authority for DoD’s CMMC Program

    ISACA has been appointed by the US DoD as the global credentialing authority for its CMMC program

  16. US Autoparts Maker LKQ Confirms Oracle EBS Breach

    LKQ confirmed that over 9000 individuals saw their personal data compromised because of the breach

  17. European Investigators Disrupt $12m Call Center Fraud Ring

    Eurojust reveals new policing operation which helped to smash a Ukraine-based call center fraud gang

  18. Chinese Ink Dragon Group Hides in European Government Networks

    China’s Ink Dragon is using European government networks to hide its espionage activity

  19. Urban VPN Proxy Accused of Harvesting AI Chat Conversations

    The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations

  20. JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

    A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  3. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?