Infosecurity News
75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
AI Coding Adoption Hits 97% but Governance Lags Behind
Most dev teams use AI coding assistants but only 30% have full governance in place
Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Critical phpBB authentication bypass lets attackers hijack any account with one request
Google Releases Patch for Chrome Vulnerability Exploited in the Wild
The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page
Check Point Warns Critical Auth Bypass Bug Exploited in the Wild
Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack
Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover revealed why he wanted over 30,000 employees to change their passwords in the immediate aftermath of the incident
WhatsApp Discovers NSO Group-Linked Spearphishing Attempts
Meta’s WhatsApp demands contempt ruling after users report NSO Group-linked phishing
North Korean Hackers Use Fake Coding Tasks to Steal Crypto
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto
OpenAI Unveils ChatGPT Account Security Controls
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft
Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns
At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe
Meta AI Bug Exposes Over 20,000 Instagram Accounts
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset
Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks
Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
A perfect storm of legacy devices, hyper connectivity and human fatigue is bad news for the healthcare sector, warns Cyber Salus
Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts
Chinese-Speaking Actor TA4922 Widens Its Global Reach
Newly named Chinese-speaking actor TA4922 expands from East Asia into Europe and Africa
Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools
