Infosecurity News

  1. Apple Expands iOS 18 Security Updates Amid DarkSword Threat

    iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit

  2. Researchers Observe Sub-One-Hour Ransomware Attacks

    Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour

  3. GitHub Used as Covert Channel in Multi-Stage Malware Campaign

    LNK files use GitHub C2, embedded decoders and PowerShell for persistence and data exfiltration

  4. Most CNI Firms Face Up to £5m in Downtime from OT Attacks

    E2e-assure says 80% of critical infrastructure providers could face millions in downtime from cyber-attacks

  5. Google Introduces Android Dev Verification Amid Openness Debate

    Android requires dev identity verification for sideloaded apps; phased global rollout from September

  6. New Venom Stealer MaaS Platform Automates Continuous Data Theft

    Venom Stealer malware-as-a-service automates ClickFix social engineering, credential and crypto exfiltration

  7. Chinese Hackers Target European Governments in Espionage Campaigns

    Chinese state-backed group TA416 had suspended its cyber espionage operations in Europe since 2023, noted Proofpoint

  8. Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year

    Most UK manufacturers compromised last year suffered financial loss, says ESET

  9. Hackers Hijack Axios npm Package to Spread RATs

    Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s account, researchers warn

  10. Maryland Man Charged Over $53m Uranium Finance Crypto Hack

    Maryland man accused of $53m Uranium Finance hack, exploited smart contract flaws, laundered funds

  11. Phantom Project Bundles Infostealer, Crypter and RAT For Sale

    Phantom Stealer .NET harvests browser credentials, cookies, cards, sessions, as stealer-as-a-service

  12. ChatGPT Security Issue Enabled Data Theft via Single Prompt

    OpenAI has patched vulnerability, which Check Point said was because of a DNS loophole

  13. TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets

    TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs

  14. Employee Data Breaches Surge to Seven-Year High

    Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches

  15. NCSC Urges Immediate Patching of F5 BIG-IP Bug

    The National Cyber Security Centre wants UK firms to patch CVE-2025-53521

  16. Cybercriminals Exploit Tax Season With New Phishing Tactics

    Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams

  17. Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers

    Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update

  18. DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

    Researchers at ReliaQuest warn of persistent malware campaign targeting enterprise credentials

  19. Critical Citrix NetScaler Vulnerability Exploited in the Wild

    Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability

  20. ICO Fines UK Nuisance Call Scammers £100,000

    The UK Information Commissioner’s Office has handed a £100,000 fine to Birmingham-based TMAC

Why Not Watch?

  1. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. The Cloud Risk Nobody Talks About: Why Resilience‑Focused Cloud Design Is Your Best Defense Against Modern Attacks

  4. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

What’s Hot on Infosecurity Magazine?