Infosecurity News
CISA and FBI Warn of Global Threat from Ghost Ransomware
CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware
WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack
A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers
Finastra Notifies Customers of Data Breach
Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information
Australian IVF Clinic Suffers Data Breach Following Cyber Incident
Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party
Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns
The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead
Cyber Investor Insight Partners Suffers Security Breach
Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack
Russian State Hackers Target Signal to Spy on Ukrainians
Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine
Hundreds of US Military and Defense Credentials Compromised
Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials
OpenSSH Flaws Expose Systems to Critical Attacks
Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks
Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions
Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications
Evolving Snake Keylogger Variant Targets Windows Users
A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users
BlackLock On Track to Be 2025’s Most Prolific Ransomware Group
The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group
Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer
Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727
Zacks Investment Research Breach Hits 12 Million
A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts
Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports
Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks
South Korea Suspends Downloads of AI Chatbot DeepSeek
South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns
Microsoft Detects New XCSSET MacOS Malware Variant
Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects
Telegram Used as C2 Channel for New Golang Malware
A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers
Estonian Duo Plead Guilty to $577m Crypto Ponzi Scheme
Two Estonian nationals have pleaded guilty to running a cryptocurrency-related Ponzi scheme
Palo Alto Networks and SonicWall Firewalls Under Attack
Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation
