Infosecurity News

  1. CISA Closes Ten Emergency Directives After Federal Cyber Reviews

    US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk

  2. California Shuts Down Health Data Resales By Unregistered Brokers

    California privacy regulator, the CPPA, is cracking down on data brokers trading personal data without authorization

  3. World Economic Forum: Cyber-fraud overtakes ransomware as business leaders' top cyber-security concern

    “Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026

  4. Illicit Crypto Activity Hits Record $158bn in 2025

    TRM Labs says illegal crypto flows into digital wallets increased to $158bn in 2025

  5. BreachForums Database Leak Turns the Tables on Threat Actors

    A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online

  6. Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested

    Europol-backed operation targets group behind numerous BEC attacks and romance scams

  7. World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks

    Researchers at the World Economic Forum have shown that threat actors can use commercial deepfake tools to bypass corporate security protections

  8. AI-Powered Truman Show Operation Industrializes Investment Fraud

    Check Point has uncovered a vast, AI-powered scam operation dubbed the “Truman Show”

  9. FBI Warns of North Korean QR Phishing Campaigns

    The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns

  10. GoBruteforcer Botnet Targets Linux Servers

    The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL

  11. New Zero-Click Attack Lets ChatGPT User Steal Data

    Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features

  12. China-Linked UAT-7290 Targets Telecom Networks in South Asia

    A long-term cyber-espionage campaign targeting South Asia's telecom firms has been linked to UAT-7290

  13. Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users

    Misconfigurations abused to make phishing emails look like they come from within the organization

  14. Fifth of Breaches Take Two Weeks to Recover From

    Absolute Security claims that full recovery from endpoint-related downtime can take up to a fortnight for most organizations

  15. US To Leave Global Forum on Cyber Expertise

    The Trump administration decided to leave 66 international organizations, including the GFCE and the European Centre of Excellence for Countering Hybrid Threats

  16. Maximum Severity “Ni8mare” Bug Lets Hackers Hijack n8n Servers

    A newly discovered vulnerability in authentication platform n8n could allow threat actors to take control of n8n servers

  17. Versatile Malware Loader pkr_mtsi Delivers Diverse Payloads

    Malicious Windows packer named pkr_mtsi used as a flexible malware loader in malvertising campaigns

  18. Ghost Tap Malware Fuels Surge in Remote NFC Payment Fraud

    New Android malware enables unauthorized tap-to-pay transactions without physical access to bank cards

  19. China intensifies Cyber-Attacks on Taiwan as Energy Sector Sees Tenfold Spike

    Taiwan recorded an average of 2.63 million cyber intrusion attempts to it critical infrastructure per day coming from China in 2025

  20. Personal LLM Accounts Drive Shadow AI Data Leak Risks

    Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks

Why Not Watch?

  1. Audit & Compliance in the Era of AI and Emerging Technology

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?