Infosecurity News
US Charges 54 in Massive ATM Jackpotting Conspiracy
The US has charged 54 individuals in a massive ATM jackpotting conspiracy linked to Venezuelan crime syndicate Tren de Aragua, accused of stealing millions
FBI Disrupts Russian Crypto Laundering Hub Enabling Cybercrime
A 39-year-old Russian national is accused of working with cybercriminals to convert criminal proceeds from cryptocurrency into various cash currencies
OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365
A surge in phishing attacks exploiting Microsoft’s OAuth device code flow has been identified by Proofpoint
North Korea Steals Over $2bn in Crypto in 2025
Chainalysis warns North Korea continues to steal billions in crypto for its weapons program
New BeaverTail Malware Variant Linked to Lazarus Group
A new variant of the BeaverTail malware linked to North Korean hackers has been identified targeting cryptocurrency traders and developers
HMRC Warns of Over 135,000 Scam Reports
The UK’s tax office has received 135,500 reports of suspected scams in the past 10 months including 4800 related to self assessment filings
Motors WordPress Vulnerability Exposes Sites to Takeover
A critical flaw in the Motors WordPress theme affecting more than 20,000 installations allows low-privileged users to gain full control of websites
New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs
A novel attack technique dubbed ”Lies-in-the-Loop” (LITL) has been observed manipulating human approval prompts in agentic AI systems
ISACA Named Global Credentialing Authority for DoD’s CMMC Program
ISACA has been appointed by the US DoD as the global credentialing authority for its CMMC program
US Autoparts Maker LKQ Confirms Oracle EBS Breach
LKQ confirmed that over 9000 individuals saw their personal data compromised because of the breach
European Investigators Disrupt $12m Call Center Fraud Ring
Eurojust reveals new policing operation which helped to smash a Ukraine-based call center fraud gang
Chinese Ink Dragon Group Hides in European Government Networks
China’s Ink Dragon is using European government networks to hide its espionage activity
Urban VPN Proxy Accused of Harvesting AI Chat Conversations
The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations
JumpCloud Windows Agent Flaw Enables Local Privilege Escalation
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks
Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices
Amazon researchers believe this campaign is part of a bigger operation spearheaded by Russia’s military intelligence service, the GRU
Millions of Car Owners Hit By Credit700 Data Breach
US financial services firm Credit700 has revealed a major data breach impacting 5.8 million people
Phishing Messages and Social Scams Flood Users Ahead of Christmas
Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals
Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
