Infosecurity News

  1. New LockBit Ransomware Variant Emerges as Most Dangerous Yet

    Trend Micro highlighted the new LockBit version’s improved technical improvements and cross-platform functionality compared to previous iterations

  2. Critical Vulnerability in Salesforce AgentForce Exposed

    Critical flaw ForcedLeak in Salesforce's AgentForce allows CRM data theft via prompt injection

  3. Malicious AI Agent Server Reportedly Steals Emails

    The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild”

  4. Phishing Campaign Evolves into PureRAT Deployment, Linked to Vietnamese Threat Actors

    Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan

  5. Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

    The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers

  6. Co-op Records £206m Revenue Loss Following Cyber-Attack

    The UK retailer estimated the losses from temporarily shutting down some of its systems to contain the threat

  7. Experts Warn of Global Breach Risk from Indian Suppliers

    SecurityScorecard report finds 53% of Indian vendors suffered third-party breaches in the past year

  8. NCA Arrest Man as HardBit Ransomware Blamed for Airport Outages

    The UK’s National Crime Agency has arrested a suspect in connection with a ransomware attack on Collins Aerospace

  9. npm Package Uses QR Code Steganography to Steal Credentials

    Malicious npm package Fezbox uses QR codes to steal credentials from browser cookies

  10. ShadowV2 Botnet Exposes Rise of DDoS-as-a-service Platforms

    New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks

  11. Vegas Gambling Giant Hit by Cyber Incident, Employee Data Exposed

    Boyd Gaming Corporation has disclosed that an unauthorized actor removed data from its systems, including information about employees and other individuals

  12. Cell Tower Hacking Gear Seized Ahead of UN General Assembly

    The equipment could be used to disable cell phone towers and conduct denial-of-services attacks across New York City

  13. Federal Agency Compromised Via GeoServer Exploit, CISA Reveals

    An unnamed federal agency was hacked last year after threat actors exploited a critical GeoServer vulnerability

  14. European Police Bust €100m Crypto-Fraud Ring

    Police have arrested five suspects linked to a €100m cryptocurrency fraud ring

  15. Iranian Hacking Group Nimbus Manticore Expands European Targeting

    Nimbus Manticore intensified European cyber-espionage, targeting aerospace, telecom, defense sectors

  16. Deepfake Attacks Hit Two-Thirds of Businesses

    Gartner research found that 62% of organizations have experienced a deepfake attack in the past 12 months

  17. Critical Security Flaws Grow with AI Use, New Report Shows

    Rising hardware, API, and network flaws expose organizations to new risks in an AI-driven landscape

  18. Attacker Breakout Time Falls to 18 Minutes

    ReliaQuest report claims time from initial access to lateral movement has shrunk to just 18 minutes

  19. Car Giant Stellantis Confims Third-Party Breach

    Stellantis confirmed that customers’ personal information was potentially exposed

  20. Jaguar Land Rover Extends Production Pause Again

    UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1

Why Not Watch?

  1. How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

  2. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  3. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?