Infosecurity News

  1. NSA and CISA Urge Adoption of Memory Safe Languages for Safety

    NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software

  2. Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery

    Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023

  3. SAP GUI Input History Found Vulnerable to Weak Encryption

    Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features

  4. Ransomware Attacks Dip in May Despite Persistent Retail Targeting

    NCC Group found that ransomware attacks fell for the third consecutive month in May 2025, despite a surge in incidents impacting retailers

  5. UK Ransom Payments Double as Victims Fall Behind Global Peers

    UK ransomware victims are paying extortionists twice as much as a year ago

  6. Common Good Cyber Fund Launched to Support Non-Profit Security Efforts

    The Common Good Cyber Fund will receive funding from the UK and Canadian governments, with further pledges from G7 nations

  7. Half of Customer Signups Are Now Fraudulent

    Okta says over 46% of new customer registrations are bot-driven fraud attempts

  8. Lessons from Helsinki: NCSC-FI's Role in Mitigating a Major Data Breach

    A representative of NCSC-FI shared some lessons learned from a 2024 data breach affecting the Finnish capital

  9. Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards

    A long-running malware campaign targeting WordPress via a rogue plugin has been observed skimming data, stealing credentials and user profiling

  10. Mclaren Health Care Data Breach Impacts Over 743,000 Patients

    Data breach at McLaren Health Care affecting over 743,000 individuals has been linked to a ransomware attack

  11. Half of Security Pros Want GenAI Deployment Pause

    Cobalt found that many security professionals believe a “strategic pause” in genAI deployment is necessary to recalibrate defenses

  12. Reported Impersonation Scams Surge 148% as AI Takes Hold

    New ITRC data reveals identity crimes are down but impersonation scams now account for a third of all scams

  13. NCSC Urges Experts to Join Cyber Advisor Program

    The NCSC says its Cyber Advisor program is not growing fast enough

  14. Cyber Intel Pros and Hobbyists Can Now Report Threats Anonymously

    Draugnet is a new anonymous threat reporting platform built for the MISP ecosystem

  15. Cyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation

    A cyber-attack by pro-Iranian group Cyber Fattah has leaked personal information from the Saudi Games online

  16. Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users

    A cyber-attack on CoinMarketCap exposed users to a fake Web3 wallet prompt, draining $43,266 from wallets

  17. US Warns of Heightened Risk of Iranian Cyber-Attacks After Military Strikes

    The DHS warned of a heightened risk of cyber and physical attacks on US targets by Iran in retaliation for strikes on Iranian nuclear facilities over the weekend

  18. Cyber Essentials Breaks Quarterly Record for Certifications

    The UK government’s Cyber Essentials scheme hits 10,000 certifications for the first time in a quarter but challenges persist

  19. Chinese “LapDogs” ORB Network Targets US and Asia

    SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China

  20. M&S and Co-op Hacks Classified as Single Cyber Event

    The UK’s Cyber Monitoring Centre (CMC) assessed the incident as a Category 2 systemic event, based on the significant economic impact

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  3. Modernizing GRC: From Checkbox to Strategic Advantage

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s Hot on Infosecurity Magazine?