Infosecurity News

  1. WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites

    The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website

  2. GitHub Updates Security Protocol For Operations Over SSH

    The move reportedly did not stem from a compromise of GitHub systems or customer information

  3. UK Parliament Bans TikTok from its Network and Devices

    Further blow for Chinese social media app

  4. IRS Phishing Emails Used to Distribute Emotet

    Monster 500MB attachment hides a nasty surprise

  5. Security Flaws Cost Fifth of Execs Business

    Business leaders still underestimate importance of security to growth

  6. China-Aligned "Operation Tainted Love" Targets Middle East Telecom Providers

    The deployment of custom credential theft malware is the main novelty of the new campaign

  7. SharePoint Phishing Scam Targets 1600 Across US, Europe

    Cyber-criminals used the scam to steal the credentials for various email accounts

  8. New Post-Exploitation Attack Method Found Affecting Okta Passwords

    The flaw derives from the way the Okta system records failed login attempts to instances

  9. UK Government Sets Out Vision for NHS Cybersecurity

    Plans to boost cyber-resilience in the health service by 2030

  10. Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts

    Software was unwittingly downloaded thousands of times

  11. Irish Food Giant Dole Admits Employee Data Breach

    Incident was linked to previously disclosed ransomware attack

  12. BreachForums Shuts Down After Admin's Arrest

    The forum's admin said the move might be temporary and that they will set up a new Telegram group

  13. New Android Banking Trojan 'Nexus' Promoted As MaaS

    Nexus offers overlay attacks and keylogging activities designed to steal victims' credentials

  14. CISA and NSA Enhance Security Framework With New IAM Guide

    Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing

  15. Security Researchers Spot $36m BEC Attack

    Threat actors impersonated target company's vendor

  16. Just 1% of Dot-Org Domains Are Fully DMARC Protected

    Organizations are failing with their anti-phishing measures

  17. Ransomware Attacks Double in Europe's Transport Sector

    ENISA claims most threats are opportunistic

  18. Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa

    The scam targeted more than 40 well-known brands from 13 countries in the MEA region

  19. CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone

    Administrative, agriculture and transportation firms targeted in Donetsk, Luhansk and Crimea

  20. Hackers Use NuGet Packages to Target .NET Developers

    JFrog said this is the first instance of packages with malicious code in NuGet

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

What’s Hot on Infosecurity Magazine?