Infosecurity News

  1. US Government Warns of Wide-Ranging Interlock Attacks

    A joint US government advisory highlighted novel initial access techniques deployed by Interlock, and urged businesses and critical infrastructure to stay vigilant

  2. Global Ransomware Attacks Plummet 43% in Q2 2025

    NCC Group observed a 43% drop in ransomware attacks in Q2 2025, driven by law enforcement actions and internal conflicts in groups

  3. Russian Threat Actors Target NGOs with New OAuth Phishing Tactics

    A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes

  4. Widespread Net RFQ Scam Targets High-Value Goods

    A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices

  5. SharePoint 'ToolShell' Vulnerabilities Exploited by Chinese Nation-State Hackers

    Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the SharePoint vulnerabilities

  6. UK Confirms Ransomware Payment Ban for Public Sector and CNI

    The UK government said a public consultation showed widespread support for a payment ban covering public sector and CNI organizations

  7. Ransomware Group Uses AI Chatbot to Intensify Pressure on Victims

    Despite being a rebrand of several ransomware families, GLOBAL GROUP innovated with the use of an AI chatbot in the negotiation process

  8. Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks

    ASIC said the financial services firm’s failings led to a data breach impacting nearly 10,000 clients

  9. AI Adoption is Driving SOC Role Reallocation Without Cutting Headcount

    Abnormal AI found that 96% of security leaders have no plans to reduce the headcount in SOC teams as a result of AI adoption, instead focusing on reallocating roles

  10. Iranian Hackers Deploy New Android Spyware Version

    New samples of DCHSpy, a spyware implant linked to Iranian APT group MuddyWater, were detected by Lookout one week after the start of the Israel-Iran conflict

  11. Fake Receipt Generators Fuel Rise in Online Fraud

    An investigation has revealed novel scams using tools like MaisonReceipts, creating realistic fake receipts to resell stolen or counterfeit goods

  12. Accounting Firm Targeted by Malware Campaign Using New Crypter

    An attack on a US accounting firm delivered PureRAT via Ghost Crypt, involving social engineering and advanced obfuscation techniques

  13. New CrushFTP Critical Vulnerability Exploited in the Wild

    CVE-2025-54309 could allow remote attackers to obtain admin access via HTTPS

  14. Microsoft: Attackers Actively Compromising On-Prem SharePoint Customers

    On-prem SharePoint customers have been told to assume compromise, with attackers observed to be exfiltrating data from victim servers across critical sectors

  15. CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors

    The US CISA has issued advisories for Industrial Control Systems vulnerabilities affecting multiple vendors including Johnson Controls, ABB, Hitachi Energy, and Schneider Electric

  16. Russia Linked to New Malware Targeting Email Accounts for Espionage

    Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK's NCSC reports

  17. New “LameHug” Malware Deploys AI-Generated Commands

    Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector

  18. AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet

    A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations

  19. Retail Becomes New Target as Healthcare Ransomware Attacks Slow

    Comparitech found that healthcare ransomware attacks rose 4% in H1 2025, a significantly lower rate than the cross-sector average of 50%

  20. Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

    A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution
