Infosecurity News

  1. US Autoparts Maker LKQ Confirms Oracle EBS Breach

    LKQ confirmed that over 9000 individuals saw their personal data compromised because of the breach

  2. European Investigators Disrupt $12m Call Center Fraud Ring

    Eurojust reveals new policing operation which helped to smash a Ukraine-based call center fraud gang

  3. Chinese Ink Dragon Group Hides in European Government Networks

    China’s Ink Dragon is using European government networks to hide its espionage activity

  4. Urban VPN Proxy Accused of Harvesting AI Chat Conversations

    The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations

  5. JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

    A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks

  6. Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices

    Amazon researchers believe this campaign is part of a bigger operation spearheaded by Russia’s military intelligence service, the GRU

  7. Millions of Car Owners Hit By Credit700 Data Breach

    US financial services firm Credit700 has revealed a major data breach impacting 5.8 million people

  8. Phishing Messages and Social Scams Flood Users Ahead of Christmas

    Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals

  9. Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case

    A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts

  10. Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files

    A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment

  11. Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

    Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company

  12. Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

    MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs

  13. NCSC Playbook Embeds Cyber Essentials in Supply Chains

    The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers

  14. NCSC Plugs Gap in Cyber-Deception Guidance

    The National Cyber Security Centre has released new learnings from a cyber deception pilot

  15. ICO Fines LastPass £1.2m After 2022 Breach

    The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach

  16. South Korean Police Raid Coupang Over Data Breach as CEO Resigns

    The Coupang South Korean unit's response will be spearheaded by an executive based in the US

  17. OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

    OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks

  18. Malware Discovered in 19 Visual Studio Code Extensions

    A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders

  19. Scam-Busting FCA Firm Checker Tool Given Cautious Welcome

    Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction

  20. Google Releases Critical Chrome Security Update to Address Three Zero-Days

    Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit

Why Not Watch?

  1. Mastering AI Security With ISACA’s New AAISM Certification

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s Hot on Infosecurity Magazine?