Infosecurity News
Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects
A new phishing campaign uses SVG files for JavaScript redirects, bypassing traditional detection methods
SaaS Security Adoption Grows Amid Rising Breach Rates
The latest report from AppOmni has revealed 91% confidence in SaaS security while 75% of organizations have faced incidents
North Korean Actors Expand Contagious Interview Campaign with New Malware Loader
Socket has identified a new malware loader called XORIndex incorporated into malicious packages published to the npm registry, with over 9000 downloads so far
Abacus Market Shutters After Exit Scam, Say Experts
Darknet giant Abacus Market has gone offline due to a likely exit scam, according to TRM Labs
NCSC Launches Vulnerability Research Institute to Boost UK Resilience
The NCSC’s new Vulnerability Research Institute will help it develop outreach with the external cybersecurity community
Grok-4 Jailbroken Two Days After Release Using Combined Attack
Grok-4 was jailbroken 48 hours post-launch using Echo Chamber and Crescendo attack methods
IoT Devices at Risk Due to eSIM Flaw in Kigen eUICC Cards
A vulnerability in Kigen eUICC cards has exposed billions of IoT devices via flawed eSIM profile management
Fake News Sites Mimicking CNN, BBC and CNBC Pave Way for Investment Scams
CTM360 has identified over 17,000 fake news sites mimicking reputable brands like CNN, BBC and CNBC, spreading investment fraud across 50 countries
NCSC Urges Enterprises to Upgrade to Microsoft Windows 11 to Avoid Cyber Threats
The NCSC has warned that there are still a significant number of organizations using Windows 10, which will soon be unsupported with security updates
Interlock Ransomware Unleashes New RAT in Widespread Campaign
Interlock ransomware continues to develop custom tooling and a new RAT has been detected by researchers
Louis Vuitton UK Latest Retailer Hit by Data Breach
Louis Vuitton’s UK business has notified customers of a personal data breach
Indian Police Raid Tech Support Scam Call Center
Operation Chakra-V scores success as a fraud syndicate is busted following the raid of a scam call center operating in Noida, Uttar Pradesh
ISACA Addresses Experience Gap with CISA Associate Designation
The new CISA Associate designation recognizes ISACA members who have passed the CISA exam, but do not yet have the required experience
British Man Sentenced for Network Rail Wi-Fi Hack
The man was handed a suspended prison sentence for offenses relating to the hack of Network Rail public Wi-Fi, exposing customers to offensive messaging
Indian Cyber Espionage Group Targets Italian Government
DoNot APT, also known as APT-C-35, traditionally operates exclusively in South Asia
Over Half of “Finfluencer” Victims Have Lost Money, Says TSB
British bank TSB warns of rise of “finfluencers” who dispense dubious financial advice online
MPs Warn of “Significant” Iranian Cyber-Threat to UK
The Intelligence and Security Committee has warned of Iran’s “aggressive” and “extensive” cyber capabilities
LLMs Fall Short in Vulnerability Discovery and Exploitation
Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes
TikTok's Handling of EU User Data in China Comes Under Scrutiny Again
A new probe, opened two months after a €530m fine to TikTok, will investigate the tech giant’s storage of EU users’ data in China
Four Arrested in Connection with April UK Retail Attacks
The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods
