Infosecurity News

  1. European Governments Breached in Zero-Day Attacks Targeting Ivanti

    The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches

  2. New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

    Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution

  3. Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme

    Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms

  4. VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

    VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds

  5. BridgePay Confirms Ransomware Attack, No Card Data Compromised

    The services of Florida-based payments platform BridgePay are offline due to a ransomware attack

  6. Social Media Platforms Earn Billions from Scam Ads

    Revolut claims social media sites make £3.8bn annually from scam ads targeting European users

  7. Researchers Find 40,000+ Exposed OpenClaw Instances

    SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack

  8. US Agencies Told to Scrap End of Support Edge Devices

    CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks

  9. Chinese-Made Malware Kit Targets Chinese-Based Routers and Edge Devices

    DKnife is a Chinese made malware framework that targets Chinese-based users

  10. Substack Confirms Data Breach, "Limited User Data" Compromised

    Substack did not specify the number of users affected by the data breach

  11. New Cyber Startup Programme to Debut at Infosecurity Europe 2026

    Infosecurity Europe 2026 will debut a new Cyber Startup Programme, featuring a dedicated show-floor zone for early-stage cybersecurity companies to showcase innovations, connect with investors and highlight emerging technologies

  12. Malicious Commands in GitHub Codespaces Enable RCE

    Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests

  13. Smartphones Now Involved in Nearly Every Police Investigation

    Cellebrite data confirms digital evidence is now central to almost all cases

  14. New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

    Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation

  15. AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+

    Pindrop warns of 1210% increase in AI-powered fraud last year

  16. Global SystemBC Botnet Found Active Across 10,000 Infected Systems

    SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure

  17. New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure

    ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops

  18. AI Drives Doubling of Phishing Attacks in a Year

    Cofense claims AI is making phishing emails more personalized and sophisticated

  19. Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

    Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks

  20. SolarWinds Web Help Desk Vulnerability Actively Exploited

    CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog

Why Not Watch?

  1. Mastering AI Security With ISACA’s New AAISM Certification

  2. Audit & Compliance in the Era of AI and Emerging Technology

  3. Securing M365 Data and Identity Systems Against Modern Adversaries

  4. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

What’s Hot on Infosecurity Magazine?