Infosecurity News

  1. Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year

    Most UK manufacturers compromised last year suffered financial loss, says ESET

  2. Hackers Hijack Axios npm Package to Spread RATs

    Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn

  3. Maryland Man Charged Over $53m Uranium Finance Crypto Hack

    Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds

  4. Phantom Project Bundles Infostealer, Crypter and RAT For Sale

    Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service

  5. ChatGPT Security Issue Enabled Data Theft via Single Prompt

    OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole

  6. TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets

    TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs

  7. Employee Data Breaches Surge to Seven-Year High

    Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches

  8. NCSC Urges Immediate Patching of F5 BIG-IP Bug

    The National Cyber Security Centre wants UK firms to patch CVE-2025-53521

  9. Cybercriminals Exploit Tax Season With New Phishing Tactics

    Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams

  10. Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers

    Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update

  11. DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

    Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials

  12. Critical Citrix NetScaler Vulnerability Exploited in the Wild

    Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability

  13. ICO Fines UK Nuisance Call Scammers £100,000

    The UK Information Commissioner’s Office has handed a £100,000 fine to Birmingham-based TMAC

  14. European Commission Confirms Cloud Data Breach

    The European Commission has revealed details of a data breach impacting its AWS infrastructure

  15. New Wave of AiTM Phishing Targets TikTok for Business

    Push Security has uncovered a new AiTM phishing campaign targeting TikTok for Business accounts using Google and TikTok themed login pages

  16. TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

    Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware

  17. Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google

    ‘Q-Day’ and the cybersecurity problems it brings could come as early as 2029 as Google accelerates its post-quantum cryptography migration

  18. UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs

    The UK government has sanctioned Xinbi, described as “the second-largest illicit online marketplace ever”

  19. Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

    Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by AI-generated code

  20. Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds

    Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  3. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  4. How to Maintain the Intelligence Edge in a Disrupted Threat Landscape

What’s Hot on Infosecurity Magazine?