Infosecurity News

  1. Two-Thirds of Organizations Have Unfilled Cybersecurity Positions

    Recruitment and retention remain a significant challenge for security teams, amid growing pressures on cyber professionals

  2. SonicWall SSL VPN Attacks Escalate, Bypassing MFA

    Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment

  3. Harrods Reveals Supply Chain Breach Impacting Online Customers

    Department store Harrods has notified e-commerce customers of a major data breach

  4. Singapore Threatens Meta With Fines Over Facebook Impersonation Scams

    The Singapore police said Facebook is the top platform for online scams in the country

  5. ArcaneDoor Threat Actor Resurfaces in Continued Attacks Against Cisco Firewalls

    An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software

  6. Interpol Cracks Down on Large-Scale African Scamming Networks

    The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals

  7. JLR Begins Phased Restart of Operations After Cyber-Attack

    JLR said it is in a position to start clearing its backlog of payments for suppliers, while its parts logistics center is returning to full operations

  8. New LockBit Ransomware Variant Emerges as Most Dangerous Yet

    Trend Micro highlighted the new LockBit version’s improved technical improvements and cross-platform functionality compared to previous iterations

  9. Critical Vulnerability in Salesforce AgentForce Exposed

    Critical flaw ForcedLeak in Salesforce's AgentForce allows CRM data theft via prompt injection

  10. Malicious AI Agent Server Reportedly Steals Emails

    The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild”

  11. Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

    Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan

  12. Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

    The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers

  13. Co-op Records £206m Revenue Loss Following Cyber-Attack

    The UK retailer estimated the losses from temporarily shutting down some of its systems to contain the threat

  14. Experts Warn of Global Breach Risk from Indian Suppliers

    SecurityScorecard report finds 53% of Indian vendors suffered third-party breaches in the past year

  15. NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages

    The UK’s National Crime Agency has arrested a suspect in connection with a ransomware attack on Collins Aerospace

  16. npm Package Uses QR Code Steganography to Steal Credentials

    Malicious npm package Fezbox uses QR codes to steal credentials from browser cookies

  17. ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

    New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks

  18. Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed

    Boyd Gaming Corporation has disclosed that an unauthorized actor removed data from its systems, including information about employees and other individuals

  19. Cell Tower Hacking Gear Seized Ahead of UN General Assembly

    The equipment could be used to disable cell phone towers and conduct denial-of-services attacks across New York City

  20. Federal Agency Compromised Via GeoServer Exploit, CISA Reveals

    An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Audit & Compliance in the Era of AI and Emerging Technology

  3. How To Enhance Security Operations with AI-Powered Defenses

  4. Why Your Organisation Needs Trusted Time Synchronisation

What’s Hot on Infosecurity Magazine?