Infosecurity News
Web-Based AI Usage Surge Shifts Global Internet Traffic Patterns
Web traffic to AI sites surged 50% from Feb 2024 to Jan 2025, driven by browser-based GenAI tools
Uptick in Akira Ransomware Actors Targeting SonicWall VPNs
Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs
Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit
The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit
#BHUSA: Cloud Intrusions Skyrocket in 2025
CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments
Secret Blizzard Targets Moscow-Based Embassies in New Espionage Campaign
Microsoft has observed Russian state actor Secret Blizzard using an AiTM position to gain initial access, assisted by official domestic intercept systems
Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds
Spikes in attacker activity precede the disclosure of vulnerabilities 80% of the time, according to a new GreyNoise report
Staggering 800% Rise in Infostealer Credential Theft
Flashpoint data reveals an 800% increase in credentials stolen via infostealers in just six months
UK Leads the Way with £15m AI Alignment Project
The UK’s AI Security Institute has announced a new AI misalignment research program
Android Malware Targets Banking Users Through Discord Channels
The DoubleTrouble Android banking Trojan has evolved, using Discord for delivery and introducing several new features
CISA Unveils Eviction Strategies Tool to Aid Incident Response
CISA has launched a new tool to streamline cyber incident response and aid in adversary eviction
Ransomware Attacks Escalate to Physical Threats Against Executives
Semperis found that executives were physically threatened in 40% of ransomware incidents, in a bid to pressure victims to pay demands
Cybercriminals ‘Spooked’ After Scattered Spider Arrests
The arrest of members of the Scattered Spider cyber-attack group have temporarily halted new intrusions, however, similar threat actors continue to pose risks
FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor
Avast researchers shared a step-by-step guide to decrypt files for victims of FunkSec ransomware
Passwordless Future Years Away Despite Microsoft Authenticator Move
Experts argue that password managers are still useful despite Microsoft Authenticator ditching its capabilities
Over 200 Malicious Open Source Packages Traced to Lazarus Campaign
North Korea’s Lazarus Group has been blamed for a cyber-espionage campaign using open source packages
Hafnium Tied to Advanced Chinese Surveillance Tools
A SentinelLabs report has revealed patents linked to firms aiding China's cyber-espionage operations, exposing new capabilities
Hidden Backdoor Found in ATM Network via Raspberry Pi
A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques
Google to Publicly Report New Vulnerabilities Within One Week of Vendor Disclosure
Google’s Project Zero team will provide limited details of new vulnerabilities early following discovery, in a bid to speed up end users’ patching
Third of Exploited Vulnerabilities Weaponized Within a Day of Disclosure
32.1% of vulnerabilities listed in VulnCheck’s Known Exploited Vulnerabilities catalog were weaponized before being detected or within the following day
Data Breach Costs Fall for First Time in Five Years
IBM found that the global average cost of a data breach has fallen by 9% compared to 2024, driven by improved detection and containment
