Infosecurity News
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
Athena is a new an industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them
FBI Warns Courier Cash Pickups Are Driving Crypto Scams
The FBI claims couriers are being used to circumvent bank transfers in crypto investment schemes
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors
Tampered OptinMonster and sister plugins plant hidden backdoors on 1.2 million WordPress sites
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks
How the Anubis ransomware group stole and leaked an Italian Adriatic port authority's data
Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models
Access to two Anthropic large language models, Mythos 5 and Fable 5, has effectively been banned to any non-US nationals by the Trump administration
UK Government Finds 400+ Vulnerabilities in AI Hackathons
Government departments find hundreds of vulnerabilities after testing frontier models
Maine Takes Breach Reporting Portal Offline After Fake Entries
The Office of the Maine Attorney General has suspended its breach reporting portal
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others
GitHub to Update npm to Thwart Software Supply Chain Attacks
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts
Over 80% of Sports Organizations Targeted by Hackers in the Last Year
As the FIFA World Cup 2026 kicks off, a new Darktrace report warns that sports teams and bodies are a major target for cyber criminals
CISA Orders Agencies to Patch by Risk, Not Severity
New CISA directive tells federal agencies to patch by real-world risk, not CVSS severity scores
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Fake AI guides hide a multi-stage chain that drops AsyncRAT, with signs of AI-assisted coding
Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Organizations are aware of the challenges that new technologies like AI bring: but cybersecurity staff struggle to make time for the required training during working hours
Interpol Dismantles SniperDz Phishing-as-a-Service Platform
New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
New “Agentjacking” Attacks Could Hijack AI Coding Agents
Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code
Fake Software Tutorials on TikTok Spread Vidar Stealer
Threat actors push fake free-software tutorials on TikTok and Instagram to spread Vidar stealer
New SilabRAT Trojan Hijacks Sessions to Steal Crypto
MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto
Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks
Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats
