https://www.infosecurity-magazine.com/news/ Copyright © 2026 Reed Exhibitions Ltd. All Rights Reserved. https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/ The prolific threat group TeamPCP has claimed a hack into GitHub’s internal repositories Wed, 20 May 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/github-confirms-breach-vs-code/ https://www.infosecurity-magazine.com/news/researchers-cypherloc-scareware/ Barracuda reveals new CypherLoc scareware has featured in nearly three million attacks Wed, 20 May 2026 10:00:00 GMT https://www.infosecurity-magazine.com/news/researchers-cypherloc-scareware/ https://www.infosecurity-magazine.com/news/verizon-dbir-exploits-top-access/ Verizon DBIR finds 31% of data breaches began with software flaws last year Wed, 20 May 2026 08:40:00 GMT https://www.infosecurity-magazine.com/news/verizon-dbir-exploits-top-access/ https://www.infosecurity-magazine.com/news/microsoft-takes-down-fox-tempest/ Microsoft’s Digital Crimes Unit has taken down the infrastructure of Fox Tempest, a prolific cybercrime-enabling threat group Tue, 19 May 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/microsoft-takes-down-fox-tempest/ https://www.infosecurity-magazine.com/news/ai-raises-vulnerability-awareness/ AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software Tue, 19 May 2026 12:30:00 GMT https://www.infosecurity-magazine.com/news/ai-raises-vulnerability-awareness/ https://www.infosecurity-magazine.com/news/agentic-ai-accelerates-software/ Digital.ai data reveals 87% of apps were attacked over the past year Tue, 19 May 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/agentic-ai-accelerates-software/ https://www.infosecurity-magazine.com/news/grafana-labs-confirms-hackers/ Open source tool maker Grafana says hackers stole codebase via GitHub breach Tue, 19 May 2026 09:15:00 GMT https://www.infosecurity-magazine.com/news/grafana-labs-confirms-hackers/ https://www.infosecurity-magazine.com/news/hackers-bypass-security-tools/ Bridewell report calls out emergence of “fix-style” attacks Tue, 19 May 2026 08:20:00 GMT https://www.infosecurity-magazine.com/news/hackers-bypass-security-tools/ https://www.infosecurity-magazine.com/news/interpol-cybercrime-crackdown-mena/ Over 200 people were arrested in an anti-cybercrime operation that spanned 13 countries across the Middle East and North Africa Mon, 18 May 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/interpol-cybercrime-crackdown-mena/ https://www.infosecurity-magazine.com/news/infosec-europe-cyber-startup/ New for 2026, the Infosecurity Europe Startup competition will see five finalists pitch their ideas in front of a live audience, including senior industry leaders, investors and buyers Mon, 18 May 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/infosec-europe-cyber-startup/ https://www.infosecurity-magazine.com/news/ncsc-publishes-guidance-securing/ The UK’s National Cyber Security Centre is helping organizations to understand agentic AI security risks Mon, 18 May 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/ncsc-publishes-guidance-securing/ https://www.infosecurity-magazine.com/news/security-researchers-47-zerodays/ The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin Mon, 18 May 2026 09:45:00 GMT https://www.infosecurity-magazine.com/news/security-researchers-47-zerodays/ https://www.infosecurity-magazine.com/news/bank-england-fca-treasury-alarm/ The UK’s financial authorities have set expectations for the sector on cybersecurity and operational resilience Mon, 18 May 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/bank-england-fca-treasury-alarm/ https://www.infosecurity-magazine.com/news/gremlin-stealer-evolves-into/ A new Gremlin stealer variant has evolved into a modular toolkit with advanced evasion and data theft capabilities, according to new Unit 42 research Fri, 15 May 2026 14:19:00 GMT https://www.infosecurity-magazine.com/news/gremlin-stealer-evolves-into/ https://www.infosecurity-magazine.com/news/microsoft-zeroday-exchange-servers/ The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition Fri, 15 May 2026 12:35:00 GMT https://www.infosecurity-magazine.com/news/microsoft-zeroday-exchange-servers/ https://www.infosecurity-magazine.com/news/china-hackers-tencshell-malware/ A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit Fri, 15 May 2026 08:00:00 GMT https://www.infosecurity-magazine.com/news/china-hackers-tencshell-malware/ https://www.infosecurity-magazine.com/news/mustang-panda-fdmtp-backdoor-apj/ Mustang Panda campaign deploys updated FDMTP backdoor against Asia-Pacific and Japan networks Thu, 14 May 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/mustang-panda-fdmtp-backdoor-apj/ https://www.infosecurity-magazine.com/news/google-launches-android-spyware/ Google’s Android Advanced Protection Mode is getting a new feature allowing trusted security experts to investigate potential spyware infections Thu, 14 May 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/google-launches-android-spyware/ https://www.infosecurity-magazine.com/news/fragnesia-linux-kernel-lpe-root/ New Fragnesia kernel flaw lets unprivileged local users escalate to root on Linux systems Thu, 14 May 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/fragnesia-linux-kernel-lpe-root/ https://www.infosecurity-magazine.com/news/most-organizations-ai-agents/ Semperis study finds 74% of organizations believe AI will increase attacks on identity infrastructure Thu, 14 May 2026 09:20:00 GMT https://www.infosecurity-magazine.com/news/most-organizations-ai-agents/ https://www.infosecurity-magazine.com/news/ico-steps-in-advice-handling-ai/ The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks Thu, 14 May 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/ico-steps-in-advice-handling-ai/ https://www.infosecurity-magazine.com/news/canvas-cybercriminals-agreement/ Instructure says it reached an agreement with ShinyHunters over the Canvas breach data Wed, 13 May 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/canvas-cybercriminals-agreement/ https://www.infosecurity-magazine.com/news/avada-builder-flaws-one-million/ Avada Builder flaws allowed file read and SQL injection on one million WordPress sites Wed, 13 May 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/avada-builder-flaws-one-million/ https://www.infosecurity-magazine.com/news/ransomware-over-half-cisos-would/ Survey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to help restore encrypted systems Wed, 13 May 2026 12:30:00 GMT https://www.infosecurity-magazine.com/news/ransomware-over-half-cisos-would/ https://www.infosecurity-magazine.com/news/new-sboms-for-ai-guidance-2026/ The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and security across AI supply chains Wed, 13 May 2026 11:00:00 GMT https://www.infosecurity-magazine.com/news/new-sboms-for-ai-guidance-2026/ https://www.infosecurity-magazine.com/news/uks-cyber-sector-grows-revenue-11/ UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising employment across the industry Wed, 13 May 2026 09:05:00 GMT https://www.infosecurity-magazine.com/news/uks-cyber-sector-grows-revenue-11/ https://www.infosecurity-magazine.com/news/microsoft-17-critical-flaws-may/ Microsoft has patched 120 vulnerabilities in this month’s security update round Wed, 13 May 2026 08:15:00 GMT https://www.infosecurity-magazine.com/news/microsoft-17-critical-flaws-may/ https://www.infosecurity-magazine.com/news/openai-daybreak-secure-by-design/ With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up Tue, 12 May 2026 15:15:00 GMT https://www.infosecurity-magazine.com/news/openai-daybreak-secure-by-design/ https://www.infosecurity-magazine.com/news/mini-shai-hulud-tanstack-npm/ Mini Shai-Hulud compromises TanStack npm packages and spreads across PyPI Tue, 12 May 2026 14:45:00 GMT https://www.infosecurity-magazine.com/news/mini-shai-hulud-tanstack-npm/ https://www.infosecurity-magazine.com/news/apple-google-rcs-end-to-end/ Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5 Tue, 12 May 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/apple-google-rcs-end-to-end/ https://www.infosecurity-magazine.com/news/clickfix-combined-pysoxy-proxying/ Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest researchers Tue, 12 May 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/clickfix-combined-pysoxy-proxying/ https://www.infosecurity-magazine.com/news/malicious-hugging-face-repo/ HiddenLayer reveals infostealer malware in a Hugging Face repository Tue, 12 May 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/malicious-hugging-face-repo/ https://www.infosecurity-magazine.com/news/south-staffordshire-water-fined-1m/ The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings Tue, 12 May 2026 08:30:00 GMT https://www.infosecurity-magazine.com/news/south-staffordshire-water-fined-1m/ https://www.infosecurity-magazine.com/news/trickmo-c-ton-network-android/ ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network Mon, 11 May 2026 15:15:00 GMT https://www.infosecurity-magazine.com/news/trickmo-c-ton-network-android/ https://www.infosecurity-magazine.com/news/dirty-frag-linux-kernel/ Two new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux distributions Mon, 11 May 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/dirty-frag-linux-kernel/ https://www.infosecurity-magazine.com/news/fake-claude-code-installer/ Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2 Mon, 11 May 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/fake-claude-code-installer/ https://www.infosecurity-magazine.com/news/hackers-using-ai-zero-day-first/ Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day targeting open-source software Mon, 11 May 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/hackers-using-ai-zero-day-first/ https://www.infosecurity-magazine.com/news/us-fcc-relaxes-foreign-router-ban/ The same extension applies to security updates shipped to US-based users of foreign-made drones Mon, 11 May 2026 11:00:00 GMT https://www.infosecurity-magazine.com/news/us-fcc-relaxes-foreign-router-ban/ https://www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/ ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions negotiate Mon, 11 May 2026 10:05:00 GMT https://www.infosecurity-magazine.com/news/shinyhunters-escalates-canvas/ https://www.infosecurity-magazine.com/news/zara-data-breach-impacts-200000/ ShinyHunters gets away with emails and other data on 200,000 Zara customers Mon, 11 May 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/zara-data-breach-impacts-200000/ https://www.infosecurity-magazine.com/news/police-shut-crimenetwork-may-2025/ Spanish police have arrested the suspected administrator of German dark web marketplace Crimenetwork Mon, 11 May 2026 08:15:00 GMT https://www.infosecurity-magazine.com/news/police-shut-crimenetwork-may-2025/ https://www.infosecurity-magazine.com/news/australian-cyber-security-centre/ ACSC warns over a campaign targeting organizations which uses ClickFix to deliver Vidar infostealer malware Fri, 08 May 2026 11:00:00 GMT https://www.infosecurity-magazine.com/news/australian-cyber-security-centre/ https://www.infosecurity-magazine.com/news/pcpjack-campaign-boots-teampcp-off/ SentinelOne believes the PCPJack campaign may be the brainchild of a former TeamPCP member Fri, 08 May 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/pcpjack-campaign-boots-teampcp-off/ https://www.infosecurity-magazine.com/news/legacy-security-tools-are-failing/ Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security Thu, 07 May 2026 14:50:00 GMT https://www.infosecurity-magazine.com/news/legacy-security-tools-are-failing/ https://www.infosecurity-magazine.com/news/cline-kanban-websocket-hijack-ai/ Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack Thu, 07 May 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/cline-kanban-websocket-hijack-ai/ https://www.infosecurity-magazine.com/news/llm-critical-infrastructure/ Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers Thu, 07 May 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/llm-critical-infrastructure/ https://www.infosecurity-magazine.com/news/fake-claude-site-beagle-backdoor/ Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading Thu, 07 May 2026 13:15:00 GMT https://www.infosecurity-magazine.com/news/fake-claude-site-beagle-backdoor/ https://www.infosecurity-magazine.com/news/daemon-tools-confirms-software/ A China-linked threat actor backdoored a version of Daemon Tools to infect thousands Thu, 07 May 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/daemon-tools-confirms-software/ https://www.infosecurity-magazine.com/news/researchers-spot-uptick-vercel/ Cofense has warned of a “significant” increase in phishing campaigns abusing Vercel platform Thu, 07 May 2026 08:30:00 GMT https://www.infosecurity-magazine.com/news/researchers-spot-uptick-vercel/ https://www.infosecurity-magazine.com/news/cloudz-rat-pheno-phone-link-otp/ Cisco Talos uncovers CloudZ RAT and Pheno plugin abusing Microsoft Phone Link to intercept SMS OTPs Wed, 06 May 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/cloudz-rat-pheno-phone-link-otp/ https://www.infosecurity-magazine.com/news/cisa-ci-fortify-isolation-recovery/ CISA’s CI Fortify initiative aim for critical infrastructure operators to build isolation & recovery Wed, 06 May 2026 13:15:00 GMT https://www.infosecurity-magazine.com/news/cisa-ci-fortify-isolation-recovery/ https://www.infosecurity-magazine.com/news/iran-linked-apt-chaos-ransomware/ Rapid7 reveals an Iranian false flag operation masquerading as a Chaos ransomware attack Wed, 06 May 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/iran-linked-apt-chaos-ransomware/ https://www.infosecurity-magazine.com/news/one-eight-workers-sold-corporate/ Cifas says that 13% of employees admit selling company credentials to a former colleague Wed, 06 May 2026 08:40:00 GMT https://www.infosecurity-magazine.com/news/one-eight-workers-sold-corporate/ https://www.infosecurity-magazine.com/news/microsoft-phishing-fake-compliance/ Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide Tue, 05 May 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/microsoft-phishing-fake-compliance/ https://www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/ ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply‑chain attack, trojanizing Windows and Android software to spy on users Tue, 05 May 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/scarcruft-birdcall-android-yanbian/ https://www.infosecurity-magazine.com/news/ssa-emails-venomous-helper-phishing/ Venomous#Helper attackers impersonate the US Social Security Administration to deploy signed RMM software and maintain persistent access across US networks Tue, 05 May 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/ssa-emails-venomous-helper-phishing/ https://www.infosecurity-magazine.com/news/ai-adoption-outpaces-safety-policy/ ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use Tue, 05 May 2026 11:10:00 GMT https://www.infosecurity-magazine.com/news/ai-adoption-outpaces-safety-policy/ https://www.infosecurity-magazine.com/news/ncsc-warns-aifuelled-vulnerability/ The UK's National Cyber Security Centre is urging organizations to prepare for glut of new software updates Tue, 05 May 2026 09:40:00 GMT https://www.infosecurity-magazine.com/news/ncsc-warns-aifuelled-vulnerability/ https://www.infosecurity-magazine.com/news/trellix-reveals-unauthorized/ Security vendor Trellix has suffered a breach involving unauthorized access Tue, 05 May 2026 08:55:00 GMT https://www.infosecurity-magazine.com/news/trellix-reveals-unauthorized/ https://www.infosecurity-magazine.com/news/small-defense-firms-lack-network/ Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices Mon, 04 May 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/small-defense-firms-lack-network/ https://www.infosecurity-magazine.com/news/openai-extend-cyber-program/ OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels Mon, 04 May 2026 08:00:00 GMT https://www.infosecurity-magazine.com/news/openai-extend-cyber-program/ https://www.infosecurity-magazine.com/news/anthropic-claude-security-for-ai/ Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required Fri, 01 May 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/anthropic-claude-security-for-ai/ https://www.infosecurity-magazine.com/news/cybersecurity-workers-jailed/ The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them Fri, 01 May 2026 11:30:00 GMT https://www.infosecurity-magazine.com/news/cybersecurity-workers-jailed/ https://www.infosecurity-magazine.com/news/zero-day-2017-linux-kernel/ A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI Fri, 01 May 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/zero-day-2017-linux-kernel/ https://www.infosecurity-magazine.com/news/three-arrested-over-roblox-hacking/ Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces Thu, 30 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/three-arrested-over-roblox-hacking/ https://www.infosecurity-magazine.com/news/deepdoor-python-backdoor-windows/ Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials Thu, 30 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/deepdoor-python-backdoor-windows/ https://www.infosecurity-magazine.com/news/zero-trust-guidance-operational/ A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability Thu, 30 Apr 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/zero-trust-guidance-operational/ https://www.infosecurity-magazine.com/news/uk-education-sector-faces-surge-in/ The British public education sector has faced the nation’s most dramatic increase in cyber breach prevalence over the past year Thu, 30 Apr 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/uk-education-sector-faces-surge-in/ https://www.infosecurity-magazine.com/news/europol-albanian-scam-call-centers/ European police arrested 10 suspects after dismantling Albanian scam call centers linked to a €50m ($58m) online investment fraud operation Thu, 30 Apr 2026 10:00:00 GMT https://www.infosecurity-magazine.com/news/europol-albanian-scam-call-centers/ https://www.infosecurity-magazine.com/news/cyber-number-one-global-people/ Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise Thu, 30 Apr 2026 09:10:00 GMT https://www.infosecurity-magazine.com/news/cyber-number-one-global-people/ https://www.infosecurity-magazine.com/news/cursor-extension-flaw-exposes-api/ Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX Wed, 29 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/cursor-extension-flaw-exposes-api/ https://www.infosecurity-magazine.com/news/ai-npm-dependency-targets-crypto/ Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets Wed, 29 Apr 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/ai-npm-dependency-targets-crypto/ https://www.infosecurity-magazine.com/news/29-billion-compromised-credentials/ KELA claims infostealers remained the primary access vector for attacks in 2025 Wed, 29 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/29-billion-compromised-credentials/ https://www.infosecurity-magazine.com/news/critical-flaw-vect-ransomware-data/ The Vect 2.0 ransomware wipes large files instead of merely encrypting them, making recovery impossible – even for the attackers Wed, 29 Apr 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/critical-flaw-vect-ransomware-data/ https://www.infosecurity-magazine.com/news/quarter-healthcare-medical-device/ RunSafe report reveals most attacks on medical devices disrupt patient care Wed, 29 Apr 2026 10:05:00 GMT https://www.infosecurity-magazine.com/news/quarter-healthcare-medical-device/ https://www.infosecurity-magazine.com/news/medtronic-data-breach-shinyhunters/ Medtronic confirms IT breach as ShinyHunters claims millions of records accesseda Tue, 28 Apr 2026 15:30:00 GMT https://www.infosecurity-magazine.com/news/medtronic-data-breach-shinyhunters/ https://www.infosecurity-magazine.com/news/ransomware-turf-war-0apt-krybit/ Ransomware groups 0APT and KryBit have doxxed each other online Tue, 28 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/ransomware-turf-war-0apt-krybit/ https://www.infosecurity-magazine.com/news/chinese-national-extradited-silk/ Extradition links alleged MSS-directed hacker to Silk Typhoon and COVID-19 espionage Tue, 28 Apr 2026 12:30:00 GMT https://www.infosecurity-magazine.com/news/chinese-national-extradited-silk/ https://www.infosecurity-magazine.com/news/no-metrics-better-bad-metrics-soc/ The National Cyber Security Centre has warned against measuring SOCs with ticket-based metrics Tue, 28 Apr 2026 08:30:00 GMT https://www.infosecurity-magazine.com/news/no-metrics-better-bad-metrics-soc/ https://www.infosecurity-magazine.com/news/bluenoroff-dprk-hackers-target/ Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Group Tue, 28 Apr 2026 08:00:00 GMT https://www.infosecurity-magazine.com/news/bluenoroff-dprk-hackers-target/ https://www.infosecurity-magazine.com/news/us-sanctions-cambodian-scam-network/ US sanctions target Cambodian scam networks tied to crypto fraud and trafficking Mon, 27 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/us-sanctions-cambodian-scam-network/ https://www.infosecurity-magazine.com/news/utilities-tech-supplier-itron/ Itron confirmed a cyber incident but does not believe it is likely to have a material impact on the company Mon, 27 Apr 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/utilities-tech-supplier-itron/ https://www.infosecurity-magazine.com/news/browser-extensions-sell-user-data/ Dozens of browser extensions openly sell user data via privacy policy disclosures Mon, 27 Apr 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/browser-extensions-sell-user-data/ https://www.infosecurity-magazine.com/news/cybersecurity-pros-feel/ A new report by global technology recruitment firm, Harvey Nash, found that three quarters of cybersecurity staff are pessimistic on pay and half are looking for a new job Mon, 27 Apr 2026 11:40:00 GMT https://www.infosecurity-magazine.com/news/cybersecurity-pros-feel/ https://www.infosecurity-magazine.com/news/fast16-sabotage-malware-winds/ The “fast16” malware may have been used to target Iran’s nuclear program prior to Stuxnet Mon, 27 Apr 2026 09:10:00 GMT https://www.infosecurity-magazine.com/news/fast16-sabotage-malware-winds/ https://www.infosecurity-magazine.com/news/blackfile-group-targets-retail/ Researchers uncover a new data theft and extortion group dubbed “BlackFile” Mon, 27 Apr 2026 08:15:00 GMT https://www.infosecurity-magazine.com/news/blackfile-group-targets-retail/ https://www.infosecurity-magazine.com/news/uk-biobank-data-beach-health-data/ UK government Minister confirms that breached health records of UK Biobank volunteers were up for sale on Chinese ecommerce platforms before being removed Fri, 24 Apr 2026 13:25:00 GMT https://www.infosecurity-magazine.com/news/uk-biobank-data-beach-health-data/ https://www.infosecurity-magazine.com/news/ai-old-cybersecurity-mistakes/ AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandiant Consulting Fri, 24 Apr 2026 12:10:00 GMT https://www.infosecurity-magazine.com/news/ai-old-cybersecurity-mistakes/ https://www.infosecurity-magazine.com/news/npm-supply-chain-worm-canister/ Malicious npm packages spread via worm-like propagation and steal developer credentials Fri, 24 Apr 2026 08:10:00 GMT https://www.infosecurity-magazine.com/news/npm-supply-chain-worm-canister/ https://www.infosecurity-magazine.com/news/google-gemini-over-cyber-specific/ Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents Thu, 23 Apr 2026 16:40:00 GMT https://www.infosecurity-magazine.com/news/google-gemini-over-cyber-specific/ https://www.infosecurity-magazine.com/news/apple-ios-notification-bug-deleted/ Apple patches iOS flaw that retained deleted notifications, exposing message data Thu, 23 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/apple-ios-notification-bug-deleted/ https://www.infosecurity-magazine.com/news/google-ai-agent-identities-gemini/ Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies Thu, 23 Apr 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/google-ai-agent-identities-gemini/ https://www.infosecurity-magazine.com/news/cyberattacks-surge-63-annually/ Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year Thu, 23 Apr 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/cyberattacks-surge-63-annually/ https://www.infosecurity-magazine.com/news/researchers-10-wild-indirect/ Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents Thu, 23 Apr 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/researchers-10-wild-indirect/ https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/ The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS Thu, 23 Apr 2026 08:45:00 GMT https://www.infosecurity-magazine.com/news/ncsc-backs-passkeys-new-era-of/ https://www.infosecurity-magazine.com/news/macos-lotl-techniques-enterprise/ macOS LOTL techniques bypass detection using native tools and metadata abuse Wed, 22 Apr 2026 16:30:00 GMT https://www.infosecurity-magazine.com/news/macos-lotl-techniques-enterprise/ https://www.infosecurity-magazine.com/news/ncsc-silentglass-a-plugin-stop/ The UK’s cybersecurity agency said the devices will be available for purchase by organizations around the world Wed, 22 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/ncsc-silentglass-a-plugin-stop/ https://www.infosecurity-magazine.com/news/uk-pledges-90m-for-cybersecurity/ UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pledge, sparking industry debate Wed, 22 Apr 2026 14:10:00 GMT https://www.infosecurity-magazine.com/news/uk-pledges-90m-for-cybersecurity/ https://www.infosecurity-magazine.com/news/silent-subject-phishing-campaigns/ Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse Wed, 22 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/silent-subject-phishing-campaigns/ https://www.infosecurity-magazine.com/news/former-ransomware-negotiator/ A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat Wed, 22 Apr 2026 11:00:00 GMT https://www.infosecurity-magazine.com/news/former-ransomware-negotiator/ https://www.infosecurity-magazine.com/news/researchers-proxysmart-software-90/ Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale” Wed, 22 Apr 2026 10:00:00 GMT https://www.infosecurity-magazine.com/news/researchers-proxysmart-software-90/ https://www.infosecurity-magazine.com/news/uk-faces-a-cyber-perfect-storm-ncsc/ The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns Wed, 22 Apr 2026 08:07:00 GMT https://www.infosecurity-magazine.com/news/uk-faces-a-cyber-perfect-storm-ncsc/ https://www.infosecurity-magazine.com/news/trojanized-android-handle-nfc/ NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil Tue, 21 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/trojanized-android-handle-nfc/ https://www.infosecurity-magazine.com/news/gentlemen-ransomware-rapid/ Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections Tue, 21 Apr 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/gentlemen-ransomware-rapid/ https://www.infosecurity-magazine.com/news/unchecked-ai-agents-cause/ Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security Alliance report Tue, 21 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/unchecked-ai-agents-cause/ https://www.infosecurity-magazine.com/news/vercel-cyber-incident-threat-actor/ Cloud app developer Vercel appears to have suffered a security breach Tue, 21 Apr 2026 09:10:00 GMT https://www.infosecurity-magazine.com/news/vercel-cyber-incident-threat-actor/ https://www.infosecurity-magazine.com/news/north-korean-blamed-290m-kelpdao/ North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO Tue, 21 Apr 2026 08:30:00 GMT https://www.infosecurity-magazine.com/news/north-korean-blamed-290m-kelpdao/ https://www.infosecurity-magazine.com/news/zionsiphon-malware-water/ ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities Mon, 20 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/zionsiphon-malware-water/ https://www.infosecurity-magazine.com/news/formbook-malware-multiple/ Formbook attacks use combination of DLL Side-Loading and Obfuscated JavaScript to stay hidden, researchers at WatchGuard have uncovered Mon, 20 Apr 2026 15:01:00 GMT https://www.infosecurity-magazine.com/news/formbook-malware-multiple/ https://www.infosecurity-magazine.com/news/mirai-variant-dvr-flaw-iot-botnet/ FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices Mon, 20 Apr 2026 13:01:00 GMT https://www.infosecurity-magazine.com/news/mirai-variant-dvr-flaw-iot-botnet/ https://www.infosecurity-magazine.com/news/ncsc-plan-boost-nhs-cyber/ The National Cyber Security Centre has shared an update of its resilience-building efforts for the NHS Mon, 20 Apr 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/ncsc-plan-boost-nhs-cyber/ https://www.infosecurity-magazine.com/news/crypto-exchange-grinex-western/ Russian crypto-exchange Grinex claims Western intelligence agencies were behind a $13m heist Mon, 20 Apr 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/crypto-exchange-grinex-western/ https://www.infosecurity-magazine.com/news/ai-models-rapid-gains/ AI models are making rapid gains in vulnerability research and exploit development, raising new cybersecurity risks, a Forescout study finds Fri, 17 Apr 2026 13:20:00 GMT https://www.infosecurity-magazine.com/news/ai-models-rapid-gains/ https://www.infosecurity-magazine.com/news/ddos-services-hit-by-police/ Coordinated action by FBI, Europol and others seizes infrastructure, makes arrests – and sends warning letters to known DDoS service users Fri, 17 Apr 2026 11:30:00 GMT https://www.infosecurity-magazine.com/news/ddos-services-hit-by-police/ https://www.infosecurity-magazine.com/news/us-nationals-jailed-north-korea/ US authorities jail two Americans for aiding North Korean laptop farm scams that infiltrated over 100 firms Thu, 16 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/us-nationals-jailed-north-korea/ https://www.infosecurity-magazine.com/news/apk-malformation-android-malware/ APK malformation tactic now appears in over 3000 Android malware samples evading static analysis Thu, 16 Apr 2026 15:45:00 GMT https://www.infosecurity-magazine.com/news/apk-malformation-android-malware/ https://www.infosecurity-magazine.com/news/cookeville-medical-center-data/ Tennessee's CRMC notifies over 337,000 patients of Rhysida ransomware breach exposing sensitive data Thu, 16 Apr 2026 15:01:00 GMT https://www.infosecurity-magazine.com/news/cookeville-medical-center-data/ https://www.infosecurity-magazine.com/news/nvd-enrichment-premarch-2026/ NIST’s National Vulnerability Database will now prioritize enriching new and exploited flaws to address the record growth of reported CVEs Thu, 16 Apr 2026 12:43:00 GMT https://www.infosecurity-magazine.com/news/nvd-enrichment-premarch-2026/ https://www.infosecurity-magazine.com/news/systemic-flaw-mcp-expose-150/ Ox Security claims as many as 200,000 servers are exposed by newly discovered MCP vulnerability Thu, 16 Apr 2026 09:40:00 GMT https://www.infosecurity-magazine.com/news/systemic-flaw-mcp-expose-150/ https://www.infosecurity-magazine.com/news/automotive-ransomware-attacks/ Halcyon says ransomware now accounts for more than two-fifths of cyber-attacks targeting carmakers Thu, 16 Apr 2026 08:35:00 GMT https://www.infosecurity-magazine.com/news/automotive-ransomware-attacks/ https://www.infosecurity-magazine.com/news/openai-unveils-gpt-54-cyber-defense/ OpenAI’s new frontier model focused on cybersecurity comes following Anthropic’s launch of Claude Mythos Preview and Project Glasswing Wed, 15 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/openai-unveils-gpt-54-cyber-defense/ https://www.infosecurity-magazine.com/news/enisa-europe-seeks-top-level-root/ The EU cybersecurity agency looks to become the third Top-Level Root CVE Numbering Authority, alongside CISA and MITRE Wed, 15 Apr 2026 15:31:00 GMT https://www.infosecurity-magazine.com/news/enisa-europe-seeks-top-level-root/ https://www.infosecurity-magazine.com/news/dragon-boss-adware-disables/ Huntress uncovers adware deploying AV-killing payloads via signed updates across 23,000 endpoints Wed, 15 Apr 2026 14:40:00 GMT https://www.infosecurity-magazine.com/news/dragon-boss-adware-disables/ https://www.infosecurity-magazine.com/news/nginx-ui-mcp-flaw-actively/ Critical nginx-ui MCP authentication bypass CVE-2026-33032 actively exploited with CVSS 9.8 Wed, 15 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/nginx-ui-mcp-flaw-actively/ https://www.infosecurity-magazine.com/news/ai-companies-to-play-bigger-role/ At VulnCon, Lindsey Cerkovnik, head of vulnerability management at CISA, said AI companies should play a bigger role in vulnerability disclosures in the future Wed, 15 Apr 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/ai-companies-to-play-bigger-role/ https://www.infosecurity-magazine.com/news/researchers-surge-bruteforce/ Barracuda says 88% of brute-force attempts in Q1 were from the region Wed, 15 Apr 2026 09:45:00 GMT https://www.infosecurity-magazine.com/news/researchers-surge-bruteforce/ https://www.infosecurity-magazine.com/news/microsoft-two-zerodays-april-patch/ Microsoft has patched two zero-day flaws and over 160 others Wed, 15 Apr 2026 09:10:00 GMT https://www.infosecurity-magazine.com/news/microsoft-two-zerodays-april-patch/ https://www.infosecurity-magazine.com/news/cisos-innovate-talent-retention/ A new IANS report claims just 34% of cybersecurity professionals plan to stay put in the next 12 months Tue, 14 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/cisos-innovate-talent-retention/ https://www.infosecurity-magazine.com/news/triad-nexus-expands-fraud/ Triad Nexus scales $200m scams, uses infrastructure laundering, localized fraud and US-access blocks Tue, 14 Apr 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/triad-nexus-expands-fraud/ https://www.infosecurity-magazine.com/news/chrome-extensions-expose-user-data/ 108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure Tue, 14 Apr 2026 11:30:00 GMT https://www.infosecurity-magazine.com/news/chrome-extensions-expose-user-data/ https://www.infosecurity-magazine.com/news/ai-security-institute-best/ The AISI has issued its judgement on Anthropic’s Mythos Preview model Tue, 14 Apr 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/ai-security-institute-best/ https://www.infosecurity-magazine.com/news/mailbox-rule-abuse-stealthy-post/ Attackers are abusing Microsoft 365 mailbox rules to hide activity, exfiltrate data and retain access after account compromise, researchers warn Mon, 13 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/mailbox-rule-abuse-stealthy-post/ https://www.infosecurity-magazine.com/news/mirax-trojan-devices-proxy-nodes/ Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users Mon, 13 Apr 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/mirax-trojan-devices-proxy-nodes/ https://www.infosecurity-magazine.com/news/fbi-dismantles-phishing-operation/ The W3LL phishing kit has been associated with fraud attempts totaling $20m Mon, 13 Apr 2026 10:35:00 GMT https://www.infosecurity-magazine.com/news/fbi-dismantles-phishing-operation/ https://www.infosecurity-magazine.com/news/associate-cyber-professional-title/ The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals Mon, 13 Apr 2026 09:15:00 GMT https://www.infosecurity-magazine.com/news/associate-cyber-professional-title/ https://www.infosecurity-magazine.com/news/operation-atlantic-seizes-12m/ UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access Mon, 13 Apr 2026 08:00:00 GMT https://www.infosecurity-magazine.com/news/operation-atlantic-seizes-12m/ https://www.infosecurity-magazine.com/news/three-ransomware-gangs-40-percent/ Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point Fri, 10 Apr 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/three-ransomware-gangs-40-percent/ https://www.infosecurity-magazine.com/news/google-chrome-protection/ Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie Fri, 10 Apr 2026 11:25:00 GMT https://www.infosecurity-magazine.com/news/google-chrome-protection/ https://www.infosecurity-magazine.com/news/stx-rat-targets-finance-sector/ STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods Thu, 09 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/stx-rat-targets-finance-sector/ https://www.infosecurity-magazine.com/news/bitcoin-depot-dollar36m-crypto/ Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.66m, after hackers accessed its internal systems Thu, 09 Apr 2026 14:01:00 GMT https://www.infosecurity-magazine.com/news/bitcoin-depot-dollar36m-crypto/ https://www.infosecurity-magazine.com/news/atomic-stealer-macos-clickfix/ macOS 26.4 update introduced security warnings into Terminal to prevent ClickFix attacks, so attackers have shifted to Script Editor instead Thu, 09 Apr 2026 11:20:00 GMT https://www.infosecurity-magazine.com/news/atomic-stealer-macos-clickfix/ https://www.infosecurity-magazine.com/news/middle-east-hack-operation-bitter/ A spear-phishing campaign which spread across the Middle East between 2023 and 2024 has now been linked to Bitter APT group Thu, 09 Apr 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/middle-east-hack-operation-bitter/ https://www.infosecurity-magazine.com/news/governance-gaps-agents-76-increase/ SANS Institute reveals that AI agents are behind a 76% surge in non-human identities Thu, 09 Apr 2026 10:00:00 GMT https://www.infosecurity-magazine.com/news/governance-gaps-agents-76-increase/ https://www.infosecurity-magazine.com/news/google-warns-group-targeting-bpos/ Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises Thu, 09 Apr 2026 08:35:00 GMT https://www.infosecurity-magazine.com/news/google-warns-group-targeting-bpos/ https://www.infosecurity-magazine.com/news/google-api-keys-access-gemini/ Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks Wed, 08 Apr 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/google-api-keys-access-gemini/ https://www.infosecurity-magazine.com/news/flaw-ninja-forms-wordpress/ Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.27 immediately Wed, 08 Apr 2026 15:10:00 GMT https://www.infosecurity-magazine.com/news/flaw-ninja-forms-wordpress/ https://www.infosecurity-magazine.com/news/anthropic-launch-project-glasswing/ Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software Wed, 08 Apr 2026 11:30:00 GMT https://www.infosecurity-magazine.com/news/anthropic-launch-project-glasswing/ https://www.infosecurity-magazine.com/news/us-thwarts-dns-hijacking-network/ The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network Wed, 08 Apr 2026 10:03:00 GMT https://www.infosecurity-magazine.com/news/us-thwarts-dns-hijacking-network/ https://www.infosecurity-magazine.com/news/claude-apache-activemq-bug-hidden/ Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic Wed, 08 Apr 2026 09:15:00 GMT https://www.infosecurity-magazine.com/news/claude-apache-activemq-bug-hidden/ https://www.infosecurity-magazine.com/news/iranbacked-hackers-cni-ot-assets/ CISA has revealed Iranian attacks causing disruption and financial loss at US critical infrastructure firms Wed, 08 Apr 2026 08:15:00 GMT https://www.infosecurity-magazine.com/news/iranbacked-hackers-cni-ot-assets/ https://www.infosecurity-magazine.com/news/russia-apt28-hijack-routers-uk-ncsc/ Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers Tue, 07 Apr 2026 15:30:00 GMT https://www.infosecurity-magazine.com/news/russia-apt28-hijack-routers-uk-ncsc/ https://www.infosecurity-magazine.com/news/gpu-based-rowhammer-attack/ GPUBreach uses GPU Rowhammer on GDDR6 to flip bits, corrupt page tables and escalate to system root Tue, 07 Apr 2026 15:05:00 GMT https://www.infosecurity-magazine.com/news/gpu-based-rowhammer-attack/ https://www.infosecurity-magazine.com/news/grafanaghost-silent-data/ GrafanaGhost chains AI prompt injection and URL flaws to exfiltrate sensitive Grafana data Tue, 07 Apr 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/grafanaghost-silent-data/ https://www.infosecurity-magazine.com/news/17bn-lost-to-cyber-fraud-warns-fbi/ Cryptocurrency scams alone cost victims over $7 billion, while AI-enabled fraud threats are on the rise, says FBI Tue, 07 Apr 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/17bn-lost-to-cyber-fraud-warns-fbi/ https://www.infosecurity-magazine.com/news/storm1175-medusa-attacks/ Microsoft has released a new report about the Storm-1175 group and its connection to Medusa ransomware Tue, 07 Apr 2026 10:02:00 GMT https://www.infosecurity-magazine.com/news/storm1175-medusa-attacks/ https://www.infosecurity-magazine.com/news/fortinet-emergency-patch-ems-bug/ Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced Tue, 07 Apr 2026 09:26:00 GMT https://www.infosecurity-magazine.com/news/fortinet-emergency-patch-ems-bug/ https://www.infosecurity-magazine.com/news/new-phishing-platform-credential/ A large-scale credential theft campaign targeting senior executives has been linked to a previously unknown automated phishing platform called Venom Fri, 03 Apr 2026 08:00:00 GMT https://www.infosecurity-magazine.com/news/new-phishing-platform-credential/ https://www.infosecurity-magazine.com/news/storm-infostealer-remotely/ This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls Thu, 02 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/storm-infostealer-remotely/ https://www.infosecurity-magazine.com/news/ncsc-alert-hackers-whatsapp-signal/ The UK’s cybersecurity agency offered advice to “high-risk’ individuals” on how to protect against social engineering and cyber-attacks Thu, 02 Apr 2026 14:15:00 GMT https://www.infosecurity-magazine.com/news/ncsc-alert-hackers-whatsapp-signal/ https://www.infosecurity-magazine.com/news/apple-ios-18-updates-darksword/ iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit Thu, 02 Apr 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/apple-ios-18-updates-darksword/ https://www.infosecurity-magazine.com/news/researchers-subonehour-ransomware/ Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour Thu, 02 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/researchers-subonehour-ransomware/ https://www.infosecurity-magazine.com/news/github-covert-multi-stage-malware/ LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration Thu, 02 Apr 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/github-covert-multi-stage-malware/ https://www.infosecurity-magazine.com/news/most-cni-firms-5m-downtime-ot/ E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks Thu, 02 Apr 2026 08:30:00 GMT https://www.infosecurity-magazine.com/news/most-cni-firms-5m-downtime-ot/ https://www.infosecurity-magazine.com/news/google-android-dev-verification/ Android requires dev identity verification for sideloaded apps; phased global rollout from September Wed, 01 Apr 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/google-android-dev-verification/ https://www.infosecurity-magazine.com/news/venom-stealer-maas-automates-data/ Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration Wed, 01 Apr 2026 13:30:00 GMT https://www.infosecurity-magazine.com/news/venom-stealer-maas-automates-data/ https://www.infosecurity-magazine.com/news/china-hackers-ta416-europe/ Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint Wed, 01 Apr 2026 12:05:00 GMT https://www.infosecurity-magazine.com/news/china-hackers-ta416-europe/ https://www.infosecurity-magazine.com/news/eight-10-uk-manufacturers-hit/ Most UK manufacturers compromised last year suffered financial loss, says ESET Wed, 01 Apr 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/eight-10-uk-manufacturers-hit/ https://www.infosecurity-magazine.com/news/hackers-hijack-axios-npm-package/ Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn Wed, 01 Apr 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/hackers-hijack-axios-npm-package/ https://www.infosecurity-magazine.com/news/man-charged-uranium-crypto-hack/ Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds Tue, 31 Mar 2026 15:30:00 GMT https://www.infosecurity-magazine.com/news/man-charged-uranium-crypto-hack/ https://www.infosecurity-magazine.com/news/phantom-project-infostealer-nov-25/ Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service Tue, 31 Mar 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/phantom-project-infostealer-nov-25/ https://www.infosecurity-magazine.com/news/chatgpt-security-issue-steal-data/ OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole Tue, 31 Mar 2026 13:01:00 GMT https://www.infosecurity-magazine.com/news/chatgpt-security-issue-steal-data/ https://www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/ TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs Tue, 31 Mar 2026 12:15:00 GMT https://www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/ https://www.infosecurity-magazine.com/news/employee-data-breaches-surge/ Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches Tue, 31 Mar 2026 10:01:00 GMT https://www.infosecurity-magazine.com/news/employee-data-breaches-surge/ https://www.infosecurity-magazine.com/news/ncsc-urges-immediate-patching-f5/ The National Cyber Security Centre wants UK firms to patch CVE-2025-53521 Tue, 31 Mar 2026 08:45:00 GMT https://www.infosecurity-magazine.com/news/ncsc-urges-immediate-patching-f5/ https://www.infosecurity-magazine.com/news/tax-season-new-phishing-tactics/ Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams Mon, 30 Mar 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/tax-season-new-phishing-tactics/ https://www.infosecurity-magazine.com/news/lloyds-glitch-exposed-500000/ Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update Mon, 30 Mar 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/lloyds-glitch-exposed-500000/ https://www.infosecurity-magazine.com/news/deepload-malware-clickfix-ai-code/ Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials Mon, 30 Mar 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/deepload-malware-clickfix-ai-code/ https://www.infosecurity-magazine.com/news/critical-citrix-netscaler/ Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability Mon, 30 Mar 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/critical-citrix-netscaler/ https://www.infosecurity-magazine.com/news/ico-fines-uk-nuisance-call/ The UK Information Commissioner’s Office has handed a £100,000 fine to Birmingham-based TMAC Mon, 30 Mar 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/ico-fines-uk-nuisance-call/ https://www.infosecurity-magazine.com/news/european-commission-cloud-data/ The European Commission has revealed details of a data breach impacting its AWS infrastructure Mon, 30 Mar 2026 08:15:00 GMT https://www.infosecurity-magazine.com/news/european-commission-cloud-data/ https://www.infosecurity-magazine.com/news/phishing-targets-tiktok-for/ Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages Fri, 27 Mar 2026 16:01:00 GMT https://www.infosecurity-magazine.com/news/phishing-targets-tiktok-for/ https://www.infosecurity-magazine.com/news/teampcp-targets-telnyx-pypi-package/ Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware Fri, 27 Mar 2026 15:06:00 GMT https://www.infosecurity-magazine.com/news/teampcp-targets-telnyx-pypi-package/ https://www.infosecurity-magazine.com/news/quantum-encryption-q-day-closer/ ‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration Fri, 27 Mar 2026 12:30:00 GMT https://www.infosecurity-magazine.com/news/quantum-encryption-q-day-closer/ https://www.infosecurity-magazine.com/news/uk-sanction-chinese-crypto/ The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever” Fri, 27 Mar 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/uk-sanction-chinese-crypto/ https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/ Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code Thu, 26 Mar 2026 16:40:00 GMT https://www.infosecurity-magazine.com/news/ai-generated-code-vulnerabilities/ https://www.infosecurity-magazine.com/news/critical-oracle-weblogic-rce/ Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study Thu, 26 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/critical-oracle-weblogic-rce/ https://www.infosecurity-magazine.com/news/etherrat-bypass-security-ethereum/ EtherRAT hides C2 in Ethereum smart contracts via EtherHiding, steals wallets and credentials Thu, 26 Mar 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/etherrat-bypass-security-ethereum/ https://www.infosecurity-magazine.com/news/ai-top-cyber-priority-defenders-pwc/ PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients Thu, 26 Mar 2026 13:15:00 GMT https://www.infosecurity-magazine.com/news/ai-top-cyber-priority-defenders-pwc/ https://www.infosecurity-magazine.com/news/openai-bug-bounty-ai-abuse-safety/ OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws Thu, 26 Mar 2026 12:20:00 GMT https://www.infosecurity-magazine.com/news/openai-bug-bounty-ai-abuse-safety/ https://www.infosecurity-magazine.com/news/iranlinked-pay2key-ransomware/ Halcyon and Beazley Security track the return of Iranian ransomware group Pay2Key Thu, 26 Mar 2026 10:45:00 GMT https://www.infosecurity-magazine.com/news/iranlinked-pay2key-ransomware/ https://www.infosecurity-magazine.com/news/invoice-fraud-uk-construction/ The National Crime Agency has warned construction firms about surging invoice fraud Thu, 26 Mar 2026 10:07:00 GMT https://www.infosecurity-magazine.com/news/invoice-fraud-uk-construction/ https://www.infosecurity-magazine.com/news/cloud-phones-financial-fraud/ Cloud Android phones fuel financial fraud, evading detection and enabling dropper accounts Wed, 25 Mar 2026 16:05:00 GMT https://www.infosecurity-magazine.com/news/cloud-phones-financial-fraud/ https://www.infosecurity-magazine.com/news/hackers-exploit-id-industrial-scale/ Cybersecurity company’s annual report issues warning over a “mass-marketed impersonation crisis” over attackers abusing legitimate credentials Wed, 25 Mar 2026 15:30:00 GMT https://www.infosecurity-magazine.com/news/hackers-exploit-id-industrial-scale/ https://www.infosecurity-magazine.com/news/us-fcc-bans-foreign-made-routers/ The US Federal Communications Commission has placed all “consumer-grade” internet routers produced outside the US on its “covered list” Wed, 25 Mar 2026 12:30:00 GMT https://www.infosecurity-magazine.com/news/us-fcc-bans-foreign-made-routers/ https://www.infosecurity-magazine.com/news/teampcp-litellm-pypi-supply-chain/ Python package LiteLLM compromised with credential-stealing malware linked to TeamPCP threat group Wed, 25 Mar 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/teampcp-litellm-pypi-supply-chain/ https://www.infosecurity-magazine.com/news/experts-prompt-poaching-browser/ Expel has warned of malicious Chrome extensions stealing users’ AI conversations Wed, 25 Mar 2026 11:00:00 GMT https://www.infosecurity-magazine.com/news/experts-prompt-poaching-browser/ https://www.infosecurity-magazine.com/news/police-fraud-crackdown-leads-to/ UK police trumpet success of Operation Henhouse as they seize and freeze over £27m in suspected fraud proceeds Wed, 25 Mar 2026 09:35:00 GMT https://www.infosecurity-magazine.com/news/police-fraud-crackdown-leads-to/ https://www.infosecurity-magazine.com/news/rsac-uk-ncsc-urges-vibe-coding/ The head of the UK’s NCSC is calling the cybersecurity industry to “seize the disruptive vibe coding opportunity” to make software more secure Tue, 24 Mar 2026 21:00:00 GMT https://www.infosecurity-magazine.com/news/rsac-uk-ncsc-urges-vibe-coding/ https://www.infosecurity-magazine.com/news/silver-fox-cyber-dual-espionage/ Silver Fox pivots from ValleyRAT tax lures to WhatsApp‑style stealers, blending espionage & phishing Tue, 24 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/silver-fox-cyber-dual-espionage/ https://www.infosecurity-magazine.com/news/citrix-patch-netscaler/ A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the appliance's memory Tue, 24 Mar 2026 15:15:00 GMT https://www.infosecurity-magazine.com/news/citrix-patch-netscaler/ https://www.infosecurity-magazine.com/news/npm-ghost-campaign-fake-install/ Ghost npm campaign fakes install logs to steal sudo passwords and drop RATs that loot crypto and data Tue, 24 Mar 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/npm-ghost-campaign-fake-install/ https://www.infosecurity-magazine.com/news/foreign-minister-kuleba/ Geopolitics and cyber warfare take center stage at Infosecurity Europe as Dmytro Kuleba discusses Ukraine’s hybrid war experience Tue, 24 Mar 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/foreign-minister-kuleba/ https://www.infosecurity-magazine.com/news/cybersecurity-software-failure-20/ Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Absolute Security 2026 Resilience Risk Index Tue, 24 Mar 2026 13:15:00 GMT https://www.infosecurity-magazine.com/news/cybersecurity-software-failure-20/ https://www.infosecurity-magazine.com/news/russian-initial-access-broker/ Russian cybercriminal Aleksei Volkov has received close to seven years behind bars for role in Yanluowang ransomware Tue, 24 Mar 2026 10:32:00 GMT https://www.infosecurity-magazine.com/news/russian-initial-access-broker/ https://www.infosecurity-magazine.com/news/handala-group-iranian-hack-and/ The FBI has warned that Iranian hacking group Handala has been targeting opponents of the regime since 2023 Tue, 24 Mar 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/handala-group-iranian-hack-and/ https://www.infosecurity-magazine.com/news/cyber-staff-unsure-on-preventing/ ISACA survey found that confusion over responsibility and lack of understanding around AI cyber-attacks makes containing them difficult Mon, 23 Mar 2026 16:30:00 GMT https://www.infosecurity-magazine.com/news/cyber-staff-unsure-on-preventing/ https://www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/ Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA Mon, 23 Mar 2026 16:05:00 GMT https://www.infosecurity-magazine.com/news/tycoon2fa-phishing-service-resumes/ https://www.infosecurity-magazine.com/news/high-tech-top-target-cyberattacks/ High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024 Mon, 23 Mar 2026 15:35:00 GMT https://www.infosecurity-magazine.com/news/high-tech-top-target-cyberattacks/ https://www.infosecurity-magazine.com/news/trivy-supply-chain-attack-expands/ New Trivy Docker images 0.69.5 and 0.69.6 compromised with TeamPCP infostealer, impacting CI/CD scans Mon, 23 Mar 2026 15:05:00 GMT https://www.infosecurity-magazine.com/news/trivy-supply-chain-attack-expands/ https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/ CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns Mon, 23 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/cisa-orders-us-government-patch/ https://www.infosecurity-magazine.com/news/operation-alice-370000-dark-web/ German-led policing effort against fraud operation disrupts countless CSAM and cybercrime sites Mon, 23 Mar 2026 09:10:00 GMT https://www.infosecurity-magazine.com/news/operation-alice-370000-dark-web/ https://www.infosecurity-magazine.com/news/hackers-exploit-critical-langflow/ Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day Fri, 20 Mar 2026 10:20:00 GMT https://www.infosecurity-magazine.com/news/hackers-exploit-critical-langflow/ https://www.infosecurity-magazine.com/news/nca-boss-warns-teens-radicalized/ The National Crime Agency’s director general warns that technology is rapidly reshaping crime Fri, 20 Mar 2026 09:40:00 GMT https://www.infosecurity-magazine.com/news/nca-boss-warns-teens-radicalized/ https://www.infosecurity-magazine.com/news/ransomware-affiliate-gentlemen/ Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics Thu, 19 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/ransomware-affiliate-gentlemen/ https://www.infosecurity-magazine.com/news/financial-brands-mobile-banking/ Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices Thu, 19 Mar 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/financial-brands-mobile-banking/ https://www.infosecurity-magazine.com/news/fca-updates-incident-thirdparty/ The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer Thu, 19 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/fca-updates-incident-thirdparty/ https://www.infosecurity-magazine.com/news/interlock-ransomware-exploit-cisco/ Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says Thu, 19 Mar 2026 09:50:00 GMT https://www.infosecurity-magazine.com/news/interlock-ransomware-exploit-cisco/ https://www.infosecurity-magazine.com/news/uk-regulation-drives-cyber/ 35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs Thu, 19 Mar 2026 09:00:00 GMT https://www.infosecurity-magazine.com/news/uk-regulation-drives-cyber/ https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/ CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit Wed, 18 Mar 2026 15:45:00 GMT https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/ https://www.infosecurity-magazine.com/news/crypto-scam-shieldguard-dismantled/ ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data Wed, 18 Mar 2026 14:15:00 GMT https://www.infosecurity-magazine.com/news/crypto-scam-shieldguard-dismantled/ https://www.infosecurity-magazine.com/news/exploitation-accelerates-in-2025/ Rapid7 says median time from publication to CISA KEV inclusion dropped to five days Wed, 18 Mar 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/exploitation-accelerates-in-2025/ https://www.infosecurity-magazine.com/news/vidar-stealer-exploits-github/ The Vidar 2.0 infostealers is deployed through fake free game cheats on GitHub and Reddit Wed, 18 Mar 2026 11:15:00 GMT https://www.infosecurity-magazine.com/news/vidar-stealer-exploits-github/ https://www.infosecurity-magazine.com/news/ai-issues-half-incident-response/ Gartner has urged security teams to get involved in AI projects from the start to avoid costly incident response Wed, 18 Mar 2026 09:40:00 GMT https://www.infosecurity-magazine.com/news/ai-issues-half-incident-response/ https://www.infosecurity-magazine.com/news/android-attack-bypasses-payment/ Android’s LSPosed-based attack hijacks payment apps via runtime manipulation and SIM-binding bypass Tue, 17 Mar 2026 16:30:00 GMT https://www.infosecurity-magazine.com/news/android-attack-bypasses-payment/ https://www.infosecurity-magazine.com/news/cursor-jack-attack-path-ai/ CursorJack shows how malicious MCP deeplinks in Cursor IDE can trigger user-approved code execution Tue, 17 Mar 2026 15:00:00 GMT https://www.infosecurity-magazine.com/news/cursor-jack-attack-path-ai/ https://www.infosecurity-magazine.com/news/nation-state-attacks-uk-firms/ Armis reveals that “mutually assured disruption” is no longer preventing state-backed attacks Tue, 17 Mar 2026 12:00:00 GMT https://www.infosecurity-magazine.com/news/nation-state-attacks-uk-firms/ https://www.infosecurity-magazine.com/news/average-number-daily-api-attacks/ Akamai says 87% of organizations suffered an API-related security incident last year Tue, 17 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/average-number-daily-api-attacks/ https://www.infosecurity-magazine.com/news/uk-cyber-monitoring-centre-us/ The US Cyber Monitoring Center should be operational in 2027, said the UK CMC leadership Tue, 17 Mar 2026 10:15:00 GMT https://www.infosecurity-magazine.com/news/uk-cyber-monitoring-centre-us/ https://www.infosecurity-magazine.com/news/global-surge-fake-shipment/ Some of these campaigns are linked to Darcula, a Chinese-language phishing-as-a-service platform Mon, 16 Mar 2026 14:45:00 GMT https://www.infosecurity-magazine.com/news/global-surge-fake-shipment/ https://www.infosecurity-magazine.com/news/crackarmor-linux-privilege/ CrackArmor AppArmor flaws let local Linux users gain root, break containers and enable DoS attacks Mon, 16 Mar 2026 14:00:00 GMT https://www.infosecurity-magazine.com/news/crackarmor-linux-privilege/ https://www.infosecurity-magazine.com/news/security-flaw-aws-bedrock/ DNS-based attack in AWS Bedrock AgentCore lets AI sandboxes exfiltrate cloud data Mon, 16 Mar 2026 13:00:00 GMT https://www.infosecurity-magazine.com/news/security-flaw-aws-bedrock/ https://www.infosecurity-magazine.com/news/fbi-calls-help-track-steam-malware/ The FBI wants to hear from gamers who have downloaded Steam titles containing malware Mon, 16 Mar 2026 11:15:00 GMT https://www.infosecurity-magazine.com/news/fbi-calls-help-track-steam-malware/ https://www.infosecurity-magazine.com/news/companies-house-glitch-exposes/ An issue with the Companies House website has put the personal and corporate information of millions at risk Mon, 16 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/companies-house-glitch-exposes/ https://www.infosecurity-magazine.com/news/interpol-operation-synergia3-94/ A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses Fri, 13 Mar 2026 16:15:00 GMT https://www.infosecurity-magazine.com/news/interpol-operation-synergia3-94/ https://www.infosecurity-magazine.com/news/socksescort-proxy-network-op/ Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide Fri, 13 Mar 2026 10:00:00 GMT https://www.infosecurity-magazine.com/news/socksescort-proxy-network-op/ https://www.infosecurity-magazine.com/news/pixrevolution-malware-brazils-pix/ PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse Thu, 12 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/pixrevolution-malware-brazils-pix/ https://www.infosecurity-magazine.com/news/critical-zeroclick-flaw-n8n-pillar/ The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited Thu, 12 Mar 2026 15:28:00 GMT https://www.infosecurity-magazine.com/news/critical-zeroclick-flaw-n8n-pillar/ https://www.infosecurity-magazine.com/news/cisa-cisco-sd-wan-flaws-directive/ CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks Thu, 12 Mar 2026 12:45:00 GMT https://www.infosecurity-magazine.com/news/cisa-cisco-sd-wan-flaws-directive/ https://www.infosecurity-magazine.com/news/police-scotland-fined-sharing/ The ICO has fined Police Scotland after it shared the entire contents of a victim’s phone with her alleged attacker Thu, 12 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/police-scotland-fined-sharing/ https://www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/ The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker Thu, 12 Mar 2026 09:30:00 GMT https://www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/ https://www.infosecurity-magazine.com/news/france-anssi-ransomware-attack/ French small and medium businesses remained the organizations most targeted by ransomware in 2025 Wed, 11 Mar 2026 16:50:00 GMT https://www.infosecurity-magazine.com/news/france-anssi-ransomware-attack/ https://www.infosecurity-magazine.com/news/infosecurity-europe-2026-keynote/ Infosecurity Europe 2026 reveals its keynote line-up, featuring Jason Fox, Shlomo Kramer, Cynthia Kaiser and more, with sessions on AI, cloud security and post quantum threats Wed, 11 Mar 2026 16:20:00 GMT https://www.infosecurity-magazine.com/news/infosecurity-europe-2026-keynote/ https://www.infosecurity-magazine.com/news/google-looker-studios-security-gaps/ LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data Wed, 11 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/google-looker-studios-security-gaps/ https://www.infosecurity-magazine.com/news/wordpress-clickfix-infostealer/ Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, warn Rapid7 researchers Wed, 11 Mar 2026 14:45:00 GMT https://www.infosecurity-magazine.com/news/wordpress-clickfix-infostealer/ https://www.infosecurity-magazine.com/news/blacksanta-edr-killer-targets-hr/ BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data Wed, 11 Mar 2026 14:30:00 GMT https://www.infosecurity-magazine.com/news/blacksanta-edr-killer-targets-hr/ https://www.infosecurity-magazine.com/news/major-security-gaps-llm-guardrails/ Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools Wed, 11 Mar 2026 13:35:00 GMT https://www.infosecurity-magazine.com/news/major-security-gaps-llm-guardrails/ https://www.infosecurity-magazine.com/news/cyberattacks-uk-firms-increase/ Check Point data shows attack volumes are growing much faster in the UK than worldwide Wed, 11 Mar 2026 10:30:00 GMT https://www.infosecurity-magazine.com/news/cyberattacks-uk-firms-increase/ https://www.infosecurity-magazine.com/news/microsoft-fixes-two-publicly/ March Patch Tuesday sees Microsoft release updates for 79 flaws Wed, 11 Mar 2026 09:20:00 GMT https://www.infosecurity-magazine.com/news/microsoft-fixes-two-publicly/ https://www.infosecurity-magazine.com/news/openai-promptfoo-deal-agentic-ai/ OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity Tue, 10 Mar 2026 17:15:00 GMT https://www.infosecurity-magazine.com/news/openai-promptfoo-deal-agentic-ai/ https://www.infosecurity-magazine.com/news/organizations-test-identity-sec-6/ Only 24% of organizations test identity disaster recovery plans every 6 months, Quest Software said Tue, 10 Mar 2026 16:00:00 GMT https://www.infosecurity-magazine.com/news/organizations-test-identity-sec-6/