Infosecurity News
New AI-Developed Malware Campaign Targets Iranian Protests
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran
National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat
Cyber fraudsters targeting corporate finance departments costs businesses millions a year
Google Disrupts Extensive Residential Proxy Networks
Google has taken coordinated action against the massive IPIDEA residential proxy network, enhancing customer protections and disrupting cybercrime operations
Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity
The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats
France Fines National Employment Agency €5m Over 2024 Data Breach
The French data protection regulator said that France Travail’s response to a 2024 data breach violated GDPR
New CISA Guidance Targets Insider Threat Risks
CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks
FBI Takes Down RAMP Ransomware Forum
The dark web forum administrator confirmed the takedown and said they had “no plans to rebuild”
Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups
Ransomware victims surged in Q4 2025 despite fewer active extortion groups, with data leaks rising 50%, ReliaQuest researchers report
US Data Breaches Hit Record High but Victim Numbers Decline
Non-profit ITRC says the number of data breaches increased 5% annually to reach a record total in 2025
Number of Cybersecurity Pros Surges 194% in Four Years
Cybersecurity is now the fifth fastest-growing occupation in the UK, says Socura
Cybersecurity Teams Embrace AI, Just Not at the Scale Marketing Suggests
Despite the seemingly widespread adoption of AI for security operations, security leaders primarily use it for “relatively basic use cases,” said a Sumo Logic study
Autonomous System Uncovers Long-Standing OpenSSL Flaws
A recent update has fixed 12 vulnerabilities in OpenSSL, some existing in the codebase for years
Critical and High Severity n8n Sandbox Flaws Allow RCE
Two critical security flaws in n8n have exposed sandboxing vulnerabilities, enabling remote code execution for attackers
Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign
Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped from social media.
AI Security Threats Loom as Enterprise Usage Jumps 91%
Zscaler analysts found critical vulnerabilities in 100% of enterprise AI systems, with 90% compromised in under 90 minutes
Researchers Uncover 454,000+ Malicious Open Source Packages
Sonatype warns that open source threats became industrialized with a surge in malicious packages in 2025
Chinese Money Launderers Drive Global Ecosystem Worth $82bn
Chainalysis claims Chinese money launderers now account for 20% of global activity
Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core
Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula
PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs
Over 80% of Ethical Hackers Now Use AI
Bugcrowd study reveals 82% of security researchers now use AI, a big increase from 2023 figures
