Infosecurity News
CodeBuild Flaw Put AWS Console Supply Chain At Risk
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
Cyber Threat Actors Ramp Up Attacks on Industrial Environments
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report
CISO Role Reaches “Inflexion Point” With Executive-Level Titles
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges
Data Privacy Teams Face Staffing Shortages and Budget Constraints, ISACA Warns
ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges
ICE Agent Doxxing Site DDoS-ed Via Russian Servers
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security
Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions
Hackers Use Fake PayPal Notices to Steal Credentials, Deploy RMMs
Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools
DeadLock Ransomware Uses Polygon Smart Contracts For Proxy Rotation
A new DeadLock ransomware operation uses Polygon blockchain smart contracts to manage proxy server addresses
G7 Sets 2034 Deadline for Finance to Adopt Quantum-Safe Systems
The financial sector should finalize its post-quantum cryptography transition circa 2034, G7 cyber experts said
Microsoft Fixes Three Zero-Days on Busy Patch Tuesday
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation
Impersonation Fraud Drives Record $17bn in Crypto Losses
Chainalysis estimates $17bn will be lost to crypto scams in 2025 as AI takes hold
CISA Flags Actively Exploited Gogs Vulnerability With No Patch
A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution
SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques
Phishing Scams Exploit Browser-in-the-Browser Attacks to Steal Facebook Passwords
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
New Chinese-Made Malware Framework Targets Linux-Based Cloud Environments
Detected by Check Point researchers, VoidLink is a sophisticated malware framework that can be used to implant malware in the most common cloud environments
Parliament Asks Security Pros to Shape Cyber Security and Resilience Bill
Lawmakers want the security industry to help them scrutinize the Cyber Security and Resilience Bill
Global Magecart Campaign Targets Six Card Networks
Silent Push has discovered a new Magecart campaign targeting six major payment network providers that has been running since 2022
Palo Alto Networks Introduces New Vibe Coding Security Governance Framework
Researchers at Palo Alto’s Unit 42 have outlined a list of recommended security controls for vibe coding tools
CISA Closes Ten Emergency Directives After Federal Cyber Reviews
US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk
California Shuts Down Health Data Resales By Unregistered Brokers
California privacy regulator, the CPPA, is cracking down on data brokers trading personal data without authorization
