Infosecurity News
SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques
Phishing Scams Exploit Browser-in-the-Browser Attacks to Steal Facebook Passwords
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments
Parliament Asks Security Pros to Shape Cyber Security and Resilience Bill
Lawmakers want the security industry to help them scrutinize the Cyber Security and Resilience Bill
Global Magecart Campaign Targets Six Card Networks
Silent Push has discovered a new Magecart campaign targeting six major payment network providers that has been running since 2022
Palo Alto Networks Introduces New Vibe Coding Security Governance Framework
Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools
CISA Closes Ten Emergency Directives After Federal Cyber Reviews
US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk
California Shuts Down Health Data Resales By Unregistered Brokers
California privacy regulator, the CPPA, is cracking down on data brokers trading personal data without authorization
World Economic Forum: Cyber-fraud overtakes ransomware as business leaders' top cyber-security concern
“Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026
Illicit Crypto Activity Hits Record $158bn in 2025
TRM Labs says illegal crypto flows into digital wallets increased to $158bn in 2025
BreachForums Database Leak Turns the Tables on Threat Actors
A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online
Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested
Europol-backed operation targets group behind numerous BEC attacks and romance scams
World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks
Researchers at the World Economic Forum have shown that threat actors can use commercial deepfake tools to bypass corporate security protections
AI-Powered Truman Show Operation Industrializes Investment Fraud
Check Point has uncovered a vast, AI-powered scam operation dubbed the “Truman Show”
FBI Warns of North Korean QR Phishing Campaigns
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns
GoBruteforcer Botnet Targets Linux Servers
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL
New Zero-Click Attack Lets ChatGPT User Steal Data
Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features
China-Linked UAT-7290 Targets Telecom Networks in South Asia
A long-term cyber-espionage campaign targeting South Asia's telecom firms has been linked to UAT-7290
Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users
Misconfigurations abused to make phishing emails look like they come from within the organization
Fifth of Breaches Take Two Weeks to Recover From
Absolute Security claims that full recovery from endpoint-related downtime can take up to a fortnight for most organizations
