Infosecurity News
Connex Credit Union Breach Exposes 172,000 Members’ Data
A cyber-attack at Connex Credit Union has compromised data of 172,000 individuals, including sensitive information
New WinRAR Zero-Day Exploited by RomCom Hackers
A flaw in WinRAR, tracked as CVE-2025-8088, has been exploited by the RomCom group to deploy malware
Ghanaian Nationals Extradited for Roles in $100M Romance and Wire Fraud Ring
Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau
Embargo Ransomware Gang Amasses $34.2m in Attack Proceeds
TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group
Eight Countries Face EU Action Over NIS2 Deadline Failings
Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action
UK Red Teamers “Deeply Skeptical” of AI
Commercial red team experts believe AI’s current impact on cyber is overstated
#DEFCON: AI Cyber Challenge Winners Revealed in DARPA’s $4M Cybersecurity Showdown
The winners of the AI Cybersecurity Challenge (AIxCC), Team Atlanta, won a $4m prize
#BHUSA: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act
Leaders of the US Cybersecurity and Infrastructure Agency (CISA) pushed back on layoff concerns and highlighted new initiatives
Australian Regulator Sues Optus Over 2022 Data Breach
The Information Commissioner has applied for a civil penalty against Optus following the 2022 data breach that exposed the personal details of 9.5 million Australians
US Federal Judiciary Tightens Security Following Escalated Cyber-Attacks
The judiciary announced stronger protections for its case management system following reports of a major breach of sensitive court documents in multiple states
Bouygues Telecom Data Breach Exposes 6.4 Million Customer Records
Bouygues Telecom revealed the attackers stole personal data of 6.4 million customers, including contact details, contractual data and international bank account numbers
#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program
The NSA’s CAPT program, launched in 2024 with Horizon3.ai, now benefits 1000 of the 300,000 US Defense Industrial Base companies
#BHUSA: Microsoft Debuts AI Agent Able to Reverse Engineer Malware
A new Microsoft AI agent, named Project Ire, is able to autonomously classify malware at a global scale with a high level of precision
New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at Risk
Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April
Google Among Victims in Ongoing Salesforce Data Theft Campaign
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor
Experts Alarmed by UK Government’s Companies House ID Checks
A UK government initiative to tackle Companies House fraud has raised security concerns
SonicWall: Attacks Linked to Legacy Bug and Password Use
SonicWall has claimed an uptick in Akira ransomware intrusions is due to legacy password use
#BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software
Claroty researchers have uncovered four vulnerabilities in a proprietary protocol used by surveillance equipment manufacturer Axis Communications
#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio
According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe
Clinical Data Stolen in Cyber-Attack on Kidney Dialysis Provider DaVita
The incident, reported to be ransomware-related, has resulted in attackers stealing sensitive personal and clinical data, including lab test results
