Infosecurity News

  1. ICO Launches TikTok Investigation Over Use of Children’s Data

    The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information

  2. BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

    Threat actors are exploiting a zero-day bug in Paragon Partition Manager's BioNTdrv.sys driver during ransomware attacks

  3. Third-Party Attacks Drive Major Financial Losses in 2024

    Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver

  4. Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn

    In February 2025, Sophos completed the Secureworks deal and SolarWinds went private

  5. Old Vulnerabilities Among the Most Widely Exploited

    Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report

  6. Prolific Data Extortion Actor Arrested in Thailand

    A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide

  7. DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen

    DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate

  8. Winos 4.0 Malware Targets Taiwan With Email Impersonation

    Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn

  9. Software Vulnerabilities Take Almost Nine Months to Patch

    Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code

  10. Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

    In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities

  11. OpenSSF Publishes Security Framework for Open Source Software

    OpenSSF has released new baseline security best practices to improve open source software quality

  12. FBI Confirms North Korea’s Lazarus Group as Bybit Crypto Hackers

    FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist

  13. 99% of Organizations Report API-Related Security Issues

    99% of organizations report API-related security issues, highlighting risks from API growth

  14. DISA Global Solutions Confirms Data Breach Affecting 3.3M People

    DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info

  15. Signal May Exit Sweden If Government Imposes Encryption Backdoor

    Meredith Whittaker, Signal's CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law

  16. HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

    HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers

  17. Ransomware Gang Publishes Stolen Genea IVF Patient Data

    IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators

  18. Geopolitical Tension Fuels APT and Hacktivism Surge

    Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity

  19. 61% of Hackers Use New Exploit Code Within 48 Hours of Attack

    61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024

  20. Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition

    Ghostwriter cyber-attack targets Ukrainian, Belarusian opposition using weaponized Excel documents

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. How To Enhance Security Operations with AI-Powered Defenses

  4. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

What’s Hot on Infosecurity Magazine?