Infosecurity News
Microsoft Attributes Mastra AI Supply Chain Attack to North Korea
North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers
Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens
At least five cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
UK Information Commissioner Resigns After Workplace Investigation
The UK’s data protection regulator the information commissioner has resigned after his position became “untenable”
NCSC Urges Fortinet Customers to Tackle FortiBleed Fallout
The NCSC has released guidance for Fortinet customers impacted by the FortiBleed threat campaign
AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform
Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities
Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams
Half of cybersecurity leaders lack confidence in detecting threats on Slack, Teams and other non-email platforms, despite growing attacker focus
Fake GitHub Stars and AI Videos Mask a Crypto Clipper
A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos
ICO Cautions Healthcare Worker After Princess of Wales Incident
Hospital insider escapes criminal prosecution after attempting to sell royal’s medical records
Cybercriminals Are Worried About AI Taking Their Jobs Too
Analysis of chatter on underground forums by Sophos finds that hackers fear AI could take work away from them
LATAM Infrastructure Hit by Fortinet and Ivanti Exploits
CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors
Cybercrime Surges in APAC as Digitalization Takes Hold
Interpol claims cybercrime accounts for third of crime in over half of Asia and South Pacific countries
North Korean Hiring Fraud Runs on AI and US Laptop Farms
Nisos infiltrated a North Korean IT-worker fraud cell running on AI interviews and a US laptop farm
Serverless Phishing Kit on GitHub Targets Mexican Banks
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Sensitive Enterprise Data Uploads to AI Models Double in a Year
The rise of AI-assistants and applications in the enterprise has seen a 93% increase in employees attempting to upload sensitive data, bringing security challenges
AI Threats and Alert Fatigue Challenge Cybersecurity Teams
Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
Ukraine has been added to the EU Cybersecurity Reserve, which provides incident response services against large-scale incidents
Fifteen JetBrains Marketplace Plugins Found Stealing API Keys
Aikido Security has discovered at least 15 IDE plugins on the JetBrains Marketplace
Staffing Is Top SOC Challenge Even as AI Proliferates, Says SANS
SANS Institute study finds few SOCs have built AI into defined workflows, despite widespread adoption
