Infosecurity News

  1. ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls

    An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software

  2. Interpol Cracks Down on Large-Scale African Scamming Networks

    The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals

  3. JLR Begins Phased Restart of Operations After Cyber-Attack

    JLR said it is in a position to start clearing its backlog of payments for suppliers, while its parts logistics center is returning to full operations

  4. New LockBit Ransomware Variant Emerges as Most Dangerous Yet

    Trend Micro highlighted the new LockBit version’s improved technical improvements and cross-platform functionality compared to previous iterations

  5. Critical Vulnerability in Salesforce AgentForce Exposed

    Critical flaw ForcedLeak in Salesforce's AgentForce allows CRM data theft via prompt injection

  6. Malicious AI Agent Server Reportedly Steals Emails

    The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild”

  7. Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

    Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan

  8. Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

    The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers

  9. Co-op Records £206m Revenue Loss Following Cyber-Attack

    The UK retailer estimated the losses from temporarily shutting down some of its systems to contain the threat

  10. Experts Warn of Global Breach Risk from Indian Suppliers

    SecurityScorecard report finds 53% of Indian vendors suffered third-party breaches in the past year

  11. NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages

    The UK’s National Crime Agency has arrested a suspect in connection with a ransomware attack on Collins Aerospace

  12. npm Package Uses QR Code Steganography to Steal Credentials

    Malicious npm package Fezbox uses QR codes to steal credentials from browser cookies

  13. ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

    New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks

  14. Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed

    Boyd Gaming Corporation has disclosed that an unauthorized actor removed data from its systems, including information about employees and other individuals

  15. Cell Tower Hacking Gear Seized Ahead of UN General Assembly

    The equipment could be used to disable cell phone towers and conduct denial-of-services attacks across New York City

  16. Federal Agency Compromised Via GeoServer Exploit, CISA Reveals

    An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability

  17. European Police Bust €100m Crypto-Fraud Ring

    Police have arrested five suspects linked to a €100m cryptocurrency fraud ring

  18. Iranian Hacking Group Nimbus Manticore Expands European Targeting

    Nimbus Manticore intensified European cyber-espionage, targeting aerospace, telecom, defense sectors

  19. Deepfake Attacks Hit Two-Thirds of Businesses

    Gartner research found that 62% of organizations have experienced a deepfake attack in the past 12 months

  20. Critical Security Flaws Grow with AI Use, New Report Shows

    Rising hardware, API, and network flaws expose organizations to new risks in an AI-driven landscape

Why Not Watch?

  1. Mastering AI Security With ISACA’s New AAISM Certification

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s Hot on Infosecurity Magazine?