Infosecurity News

  1. North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks

    The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group

  2. UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%

    The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two months to just over a week

  3. ‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested

    International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes

  4. Aeternum Botnet Shifts Command Control to Polygon Blockchain

    New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts

  5. Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify

    2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities

  6. Exploitable Vulnerabilities Present in 87% of Organizations

    Datadog report reveals two-fifths of services are affected by exploitable bugs

  7. UK's Data Watchdog Gets a Makeover to Match Growing Demands

    The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up

  8. Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign

    UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation

  9. Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day

    The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

  10. 44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds

    IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws

  11. Malicious NuGet Package Targets Stripe Developers

    Malicious NuGet package mimicking Stripe's library targeted developers

  12. Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days

    A former general manager of a US defense contractor has been sentenced after selling zero days to Russia

  13. ICO’s £14m Reddit Fine Highlights Age Check Privacy Concerns

    The UK’s ICO has fined Reddit over £14m for failing to use children’s personal information lawfully

  14. Cost of Insider Incidents Surges 20% to Nearly $20m

    DTEX claims insider incidents cost $19.5m in 2025, with employee negligence most expensive

  15. Multifaceted Phishing Scheme Deceives Bitpanda Customers

    Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information

  16. North Korean Lazarus Group Expands Ransomware Activity With Medusa

    Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks

  17. AI Accelerates Attacker Breakout Time to Just Four Minutes

    ReliaQuest claims AI has reduced breakout and exfiltration time to under 10 minutes

  18. Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns

    Anthropic accused DeepSeek, Moonshot and MiniMax of illicitly using Claude to steal some of the AI model’s capabilities

  19. AI-powered Cyber-Attacks Up Significantly in the Last Year, Warns CrowdStrike

    CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective

  20. Shai-Hulud-Like Worm Targets Developers via npm and AI Tools

    Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers

Why Not Watch?

  1. How To Enhance Security Operations with AI-Powered Defenses

  2. Why Your Organisation Needs Trusted Time Synchronisation

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Modernizing GRC: From Checkbox to Strategic Advantage

What’s Hot on Infosecurity Magazine?