Infosecurity News
Ghost Tap Malware Fuels Surge in Remote NFC Payment Fraud
New Android malware enables unauthorized tap-to-pay transactions without physical access to bank cards
China intensifies Cyber-Attacks on Taiwan as Energy Sector Sees Tenfold Spike
Taiwan recorded an average of 2.63 million cyber intrusion attempts to it critical infrastructure per day coming from China in 2025
Personal LLM Accounts Drive Shadow AI Data Leak Risks
Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks
Hackers Claim to Disconnect Brightspeed Customers After Breach
A hacking collective claims it has disconnected customers of US ISP Brightspeed
MFA Failure Enables Infostealer Breach At 50 Enterprises
Threat actor “Zestix” was able to breach around 50 firms using infostealers because they lacked multi-factor authentication
Hospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaign
Multi-stage malware campaign targets hospitality organizations using social engineering and abuse of MSBuild.exe
High-Severity Flaw in Open WebUI Affects AI Connections
A high-severity security flaw in Open WebUI Direct Connections risks account takeover and server compromises
UK Launches New Cyber Unit to Bolster Defences Against Cyber Threats
UK government’s new Cyber Action plan looks to provide more ‘hands-on’ support for protecting against and responding to security incidents
Jaguar Land Rover's Q3 Sales Crash Amid Cyber-Attack Fallout
JLR’s wholesale sales plunged 43% and retail drops 25% in the third quarter of 2025 following the 2025 cyber-attack
Ilya Lichtenstein Released Early After Bitfinex Hack Conviction
Ilya Lichtenstein, convicted for the 2016 Bitfinex hack, has been released early from prison to home confinement
VVS Stealer Uses Advanced Obfuscation to Target Discord Users
A new Python-based malware called VVS stealer has been identified, targeting Discord users with stealthy techniques to steal data
New Zealand Orders Review of Manage My Health Breach Affecting 100,000+ Patients
A breach affecting Manage My Health could have exposed sensitive data for up to 120,000 New Zealand patients
European Space Agency Confirms Server Breach
The European Space Agency has said that external servers were recently involved in a security “issue”
Experts Trace $35m in Stolen Crypto to LastPass Breach
TRM Labs says it has recorded $35m drained from users’ wallets following 2022 LastPass breach
Infosecurity's Top 10 Cybersecurity Stories of 2025
Explore Infosecurity Magazine’s most-read cybersecurity stories of 2025, from major vendor shake-ups and zero-day exploits to AI-driven threats and supply chain attacks
SEC Charges Crypto Firms in $14m Investment Scam
The SEC has charged several crypto platforms and investment clubs for defrauding US investors of more than $14m
Coordinated Scams Target MENA Region With Fake Online Job Ads
A coordinated wave of fake online job ads targeting the Middle East and North Africa has been uncovered, exploiting remote work trends
NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity
NIST and MITRE are collaboratively launching two centers to advance AI security for US manufacturing and critical infrastructure
ServiceNow to Pay $7.8bn For OT Security Specialist Armis
ServiceNow is set to acquire Armis for $7.75bn in a cash-only deal expected to close in the second half of 2026
La Poste Still Offline After Major DDoS Attack
French postal service warns of “major network incident” just before Christmas
