Infosecurity News

  1. DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

    DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

  2. UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery

    UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform

  3. Researchers Warn of New “Vect” RaaS Variant

    A new ransomware-as-a-service operation dubbed “Vect” features custom malware

  4. Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France

    Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026

  5. New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials

    Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF

  6. Vibe-Coded Moltbook Exposes User Data, API Keys and More

    Wiz Security claims Moltbook misconfiguration allowed full read and write access

  7. NSA Publishes New Zero Trust Implementation Guidelines

    NSA released new guidelines to help organizations achieve target-level Zero Trust maturity

  8. Notepad++ Update Hijacking Linked to Hosting Provider Compromise

    A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure

  9. Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

    Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says

  10. Android RAT Uses Hugging Face to Host Malware

    Bitdefender has discovered a new Android malware campaign that uses Hugging Face

  11. Former Google Engineer Found Guilty of Stealing AI Secrets

    Linwei Ding, a former Google engineer, has been found guilty of stealing trade secrets for China

  12. Labyrinth Chollima Evolves into Three North Korean Hacking Groups

    CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers

  13. New AI-Developed Malware Campaign Targets Iranian Protests

    The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran

  14. National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat

    Cyber fraudsters targeting corporate finance departments costs businesses millions a year

  15. Google Disrupts Extensive Residential Proxy Networks

    Google has taken coordinated action against the massive IPIDEA residential proxy network, enhancing customer protections and disrupting cybercrime operations

  16. Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity

    The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats

  17. France Fines National Employment Agency €5m Over 2024 Data Breach

    The French data protection regulator said that France Travail’s response to a 2024 data breach violated GDPR

  18. New CISA Guidance Targets Insider Threat Risks

    CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks

  19. FBI Takes Down RAMP Ransomware Forum

    The dark web forum administrator confirmed the takedown and said they had “no plans to rebuild”

  20. Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups

    Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. How To Enhance Security Operations with AI-Powered Defenses

  4. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

What’s Hot on Infosecurity Magazine?