Infosecurity News

  1. BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign

    BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data

  2. Researchers Discover Major Security Gaps in LLM Guardrails

    Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools

  3. Cyber-Attacks on UK Firms Increase at Four Times Global Rate

    Check Point data shows attack volumes are growing much faster in the UK than worldwide

  4. Microsoft Fixes Two Publicly Disclosed Zero-Days

    March Patch Tuesday sees Microsoft release updates for 79 flaws

  5. OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap

    OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity

  6. Only 24% Of organizations Test Identity Recovery Every Six Months

    Only 24% of organizations test identity disaster recovery plans every 6 months, Quest Software said

  7. Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds

    Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell

  8. Ericsson Breach Exposes Data of 15k Employees and Customers

    Ericsson data breach affects 15k employees/customers after third-party service provider compromise

  9. Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials

    Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets

  10. ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign

    Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks

  11. Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data

    Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub

  12. Trump Administration Unveils New Cyber Strategy for America

    US national cyber strategy focuses on stronger defenses, countering threats, fostering innovation

  13. UK Launches New Crackdown Unit to Tackle Cyber-Fraud at the Source

    New UK Online Crime Centre will combine expertise from a range of sources to takedown online channels cyber-scammers rely on

  14. AI Security Startups Dominate New Cyber Innovation Awards

    Over one in five winners of IT-Harvest’s 2026 Cyber 150 are AI security companies

  15. TriZetto Provider Solutions Breach Hits 3.4 Million Patients

    Billing services provider TriZetto Provider Solutions has begun notifying millions of patients about a data breach

  16. Ghanaian Pleads Guilty to Role in $100m Romance Scam

    Derrick Van Yeboah admitted he stole over $10m in romance scams as part of crime gang

  17. Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor

    A bank, an airport, a non-profit and the Israeli branch of a US software company were among the targets of this new MuddyWater campaign

  18. Zero‑Day Attacks on Enterprise Software Reach Record High, Google Warns

    Almost a quarter of the zero days detected by Google in 2025 targeted security and networking appliances

  19. AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns

    Malicious insiders are using misusing AI for nefarious gain, while employees cutting corners also creates risk, warns Mimecast

  20. ContextCrush Flaw Exposes AI Development Tools to Attacks

    Critical flaw "ContextCrush" in Context7 MCP Server could allow malicious instructions into AI tools

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Why Your Organisation Needs Trusted Time Synchronisation

  3. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  4. Securing M365 Data and Identity Systems Against Modern Adversaries

What’s Hot on Infosecurity Magazine?