Infosecurity News

Apple Fixes Actively Exploited iPhone Zero-Day Vulnerability
The vulnerability could allow remote code execution (RCE) on a victim's device

New Google Tool Helps Devs Root Out Open Source Bugs
Free OSV-Scanner searches transitive dependencies

Loan Fee Fraud Surges by a Fifth as Christmas Approaches
FCA warns of pressure tactics as cost of living bites

Two Zero-Days Fixed in December Patch Tuesday
Close to 50 CVEs addressed this month

Twitter Addresses November Data Leak Claims
No passwords were reportedly exposed, but Twitter prompted users to enable 2FA to protect accounts

California Hit By Cyber-Attack, LockBit Claims Responsibility
At the time of writing, the California Budget website remains offline

Uber Hit By New Data Breach After Attack on Third-Party Vendor
Company information was stolen from third-party vendor Teqtivity and posted on a dark web forum

Experts Warn ChatGPT Could Democratize Cybercrime
Researchers claim AI bot can write malware and craft phishing emails

Aussie Data Breaches Surge 489% in Q4 2022
Country bucks the global trend thanks to high-profile incidents

Security Overlooked in Rush to Hybrid Working
Apogee study finds just 14% consider it a priority

HSE Cyber-Attack Costs Ireland $83m So Far
A total of roughly 100,000 people had their personal data stolen during the cyber-attack

Chaos RAT Used to Enhance Linux Cryptomining Attacks
The main downloader script and further payloads were hosted in different locations

Royal Ransomware Targets US Healthcare
Ransom demands ranged from $250,000 to over $2m

Transitive Dependencies Account for 95% of Bugs
Endor Labs warns of dangerous complexities in open source

North Korean Hackers Impersonate Researchers to Steal Intel
Report associates new intelligence-gathering tactic with Kimsuky group

Researchers Find 63 Zero-Day Bugs at Latest Pwn2Own
Competition awards winning participants nearly $1m

Truebot Malware Activity Increases With Possible Evil Corp Connections
The campaigns observed by Cisco Talos have resulted in the creation of two botnets

BEC Attacks Expand Beyond Email and Toward Mobile Devices
Scammers typically obtain mobile numbers from data breaches, social media and data brokers

Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload

Software Supply Chain Attacks Leveraging Open-Source Repos Growing
ReversingLabs found an increasing number of malicious packages in three popular repositories



