Infosecurity News
Cybercriminals Exploit Low-Cost Initial Access Broker Market
Rapid7 found that threat actors are able to purchase low-cost initial access broker services, with many packages offering a variety of options
MITRE: Russian APT28's LameHug, a Pilot for Future AI Cyber-Attacks
While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025
Financial Services Could Be Next in Line for ShinyHunters
New threat intelligence points to targeting of financial services and technology sectors by ShinyHunters group
Hackers Raid Dutch Lab, Stealing Data on 500,000 Patients
Threat actors have stolen data on at least half a million cancer screening patients
Connex Credit Union Breach Exposes 172,000 Members’ Data
A cyber-attack at Connex Credit Union has compromised data of 172,000 individuals, including sensitive information
New WinRAR Zero-Day Exploited by RomCom Hackers
A flaw in WinRAR, tracked as CVE-2025-8088, has been exploited by the RomCom group to deploy malware
Ghanaian Nationals Extradited for Roles in $100M Romance and Wire Fraud Ring
Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau
Embargo Ransomware Gang Amasses $34.2m in Attack Proceeds
TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group
Eight Countries Face EU Action Over NIS2 Deadline Failings
Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action
UK Red Teamers “Deeply Skeptical” of AI
Commercial red team experts believe AI’s current impact on cyber is overstated
#DEFCON: AI Cyber Challenge Winners Revealed in DARPA’s $4M Cybersecurity Showdown
The winners of the AI Cybersecurity Challenge (AIxCC), Team Atlanta, won a $4m prize
#BHUSA: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act
Leaders of the US Cybersecurity and Infrastructure Agency (CISA) pushed back on layoff concerns and highlighted new initiatives
Australian Regulator Sues Optus Over 2022 Data Breach
The Information Commissioner has applied for a civil penalty against Optus following the 2022 data breach that exposed the personal details of 9.5 million Australians
US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks
The judiciary announced stronger protections for its case management system following reports of a major breach of sensitive court documents in multiple states
Bouygues Telecom Data Breach Exposes 6.4 Million Customer Records
Bouygues Telecom revealed the attackers stole personal data of 6.4 million customers, including contact details, contractual data and international bank account numbers
#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program
The NSA’s CAPT program, launched in 2024 with Horizon3.ai, now benefits 1000 of the 300,000 US Defense Industrial Base companies
#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware
A new Microsoft AI agent, named Project Ire, is able to autonomously classify malware at a global scale with a high level of precision
New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk
Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April
Google Among Victims in Ongoing Salesforce Data Theft Campaign
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor
Experts Alarmed by UK Government’s Companies House ID Checks
A UK government initiative to tackle Companies House fraud has raised security concerns
