Infosecurity News

  1. Three-Quarters of Firms Knowingly Ship Vulnerable Code

    AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

  2. Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes

    Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally

  3. Grafana Labs Says Code Breach Stemmed from TanStack Attack

    Grafana Labs has confirmed a recent data breach was caused by the TanStack supply chain attack

  4. Android Malware Campaign Used Hundreds of Fake Apps to Silently Charge Users

    Premium Deception campaign uses 250 Android apps to silently sign victims up to paid services

  5. Mini Shai-Hulud Hits Hundreds of npm Packages in AntV Ecosystem

    Mini Shai-Hulud worm hits Alibaba AntV ecosystem in largest npm supply chain wave to date

  6. China-Linked Webworm APT Evolves Tactics, Expands to European Targets

    China-linked Webworm APT expands beyond Asia, targeting European government organizations and refining its cyber espionage tactics, according to ESET research

  7. GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

    The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories

  8. Researchers Warn CypherLoc Scareware Has Targeted Millions of Users

    Barracuda reveals new CypherLoc scareware has featured in nearly three million attacks

  9. Verizon DBIR: Vulnerability Exploits Overtake Credentials as Top Access Vector

    Verizon DBIR finds 31% of data breaches began with software flaws last year

  10. Microsoft Takes Down Fox Tempest for Providing Ransomware-Enabling Signing Tool

    Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group

  11. AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

    AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software

  12. Agentic AI Accelerates Software Builds and Mobile App Attacks

    Digital.ai data reveals 87% of apps were attacked over the past year

  13. Grafana Labs Confirms Hackers Stole Source Code

    Open source tool maker Grafana says hackers stole codebase via GitHub breach

  14. Hackers Bypass Security Tools to Target Users Directly

    Bridewell report calls out emergence of “fix-style” attacks

  15. Interpol Launches Sweeping Cybercrime Crackdown in MENA Region

    Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa

  16. The Infosecurity Europe Cyber Startup Competition: Meet the Finalists

    New for 2026, the Infosecurity Europe Startup competition will see five finalists pitch their ideas in front of a live audience, including senior industry leaders, investors and buyers

  17. NCSC Publishes Guidance on Securing Agentic AI Use

    The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks

  18. Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

    The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin

  19. Bank of England, FCA and Treasury Raise Alarm Over Frontier AI

    The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience

  20. Gremlin Stealer Evolves into Modular Threat with Advanced Evasion Capabilities

    A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research

Why Not Watch?

  1. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  2. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  3. Financial Services Under Pressure: Supply Chain Risk, Regulation and Operational Resilience

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?