Infosecurity News

  1. Smartphones Now Involved in Nearly Every Police Investigation

    Cellebrite data confirms digital evidence is now central to almost all cases

  2. New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

    Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation

  3. AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+

    Pindrop warns of 1210% increase in AI-powered fraud last year

  4. Global SystemBC Botnet Found Active Across 10,000 Infected Systems

    SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure

  5. New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure

    ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops

  6. AI Drives Doubling of Phishing Attacks in a Year

    Cofense claims AI is making phishing emails more personalized and sophisticated

  7. Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

    Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks

  8. SolarWinds Web Help Desk Vulnerability Actively Exploited

    CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog

  9. Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw

    A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project

  10. SQL Injection Flaw Affects 40,000 WordPress Sites

    40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin

  11. DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

    DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

  12. UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery

    UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform

  13. Researchers Warn of New “Vect” RaaS Variant

    A new ransomware-as-a-service operation dubbed “Vect” features custom malware

  14. Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France

    Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026

  15. New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials

    Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF

  16. Vibe-Coded Moltbook Exposes User Data, API Keys and More

    Wiz Security claims Moltbook misconfiguration allowed full read and write access

  17. NSA Publishes New Zero Trust Implementation Guidelines

    NSA released new guidelines to help organizations achieve target-level Zero Trust maturity

  18. Notepad++ Update Hijacking Linked to Hosting Provider Compromise

    A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure

  19. Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks

    Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says

  20. Android RAT Uses Hugging Face to Host Malware

    Bitdefender has discovered a new Android malware campaign that uses Hugging Face

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?