Infosecurity News

  1. New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot

    New phishing kit Xiu Gou, featuring a unique “doggo” mascot, targets users in US, UK, Spain, Australia and Japan with 2000+ scam websites

  2. Misconfigured Git Configurations Targeted in Emeraldwhale Attack

    Emeraldwhale breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials

  3. Canadian Government Data Stolen By Chinese Hackers

    A report by the Canadian Centre for Cyber Security described China as the most sophisticated cyber threat to Canada, also identified India as an emerging threat

  4. North Korean Hackers Collaborate with Play Ransomware

    Palo Alto Networks’ Unit 42 has observed the first-ever collaboration between North Korean-backed Jumpy Pisces and Play ransomware

  5. Government Sector Suffers 236% Surge in Malware Attacks

    Malware-related attacks against global government organizations increased 236% year-on-year in Q1 2024, according to SonicWall

  6. Over 80% of US Small Businesses Have Been Breached

    ITRC data finds 81% of US small businesses have suffered a data or security breach over the past year

  7. LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

    The LiteSpeed Cache vulnerability allows administrator-level access, risking security for over 6 million WordPress sites

  8. Updated FakeCall Malware Targets Mobile Devices with Vishing

    The new FakeCall variant uses advanced vishing tactics, featuring Bluetooth for device monitoring

  9. Apple Rolls Out Major Security Update to Patch macOS and iOS Vulnerabilities

    In a major security update, Apple has fixed dozens of bugs and vulnerabilities across its operating systems and services

  10. CISA Launches First International Cybersecurity Plan

    CISA’s 2025-2026 International Strategic Plan aims to strengthen external partnerships to reduce risks to critical infrastructure relied on in the US

  11. Over Half of US County Websites “Could Be Spoofed”

    Comparitech warns that voters could be misled as most local government sites are failing on basic security

  12. Midnight Blizzard Spearphishing Campaign Targets Thousands with RDP Files

    Microsoft has spotted a major spearphishing campaign from the Russian APT29 group using RDP for compromise

  13. New LightSpy Spyware Targets iOS with Enhanced Capabilities

    ThreatFabric researchers have discovered significant updates to the LightSpy spyware, featuring plugins designed to interfere with device functionality

  14. Chenlun’s Evolving Phishing Tactics Target Trusted Brands

    The phishing campaign targeted users via texts impersonating Amazon, linked to the threat actor Chenlun

  15. Law Enforcement Operation Takes Down Redline and Meta Infostealers

    Operation Magnus took down infrastructure used to run the Redline and Meta infostealers, widely used tools in cybercriminal activities

  16. NIS2 Compliance Puts Strain on Business Budgets

    A Veeam report found that businesses are prioritizing NIS2 compliance, with 95% of applicable firms diverting funds from other areas of the business

  17. Suspicious Social Media Accounts Deployed Ahead of COP29

    Global Witness uncovered a network of 71 suspicious accounts on X supporting the Azeri government

  18. Five Eyes Agencies Launch Startup Security Initiative

    The UK has joined forces with its Five Eyes peers to offer cybersecurity guidance to startups

  19. ICO: 55% of UK Adults Have Had Data Lost or Stolen

    The UK’s information commissioner claims most adults in the country have had their personal data exposed or compromised

  20. Evasive Panda’s CloudScout Toolset Targets Taiwan

    Evasive Panda’s CloudScout uses MgBot to steal session cookies, infiltrating and extracting cloud data from Taiwanese institutions

What’s hot on Infosecurity Magazine?