Infosecurity News

  1. Threat Actors Uses Agentic AI to Rapidly Compromise Cloud Target

    Sygnia report details how agentic AI accelerated weeks-long attack to just 72 hours

  2. New Malicious Campaign Delivers Vidar Infostealer and Monero Crypto Miner

    Cyber threat actors are infecting victims with the Vidar stealer and the XMRig cryptocurrency miner in a new malicious campaign

  3. NCSC Touts National Scale, AI-Powered “Cyber Shield” for Defense

    The National Cyber Security Centre wants to work with AI partners to build a new “Cyber Shield” to defend the UK

  4. Suspected Chinese Threat Group Targets Universities via Vulnerable Roundcube Servers

    A suspected Chinese threat cluster is exploiting Roundcube vulnerabilities to compromise university networks in the US and Canada and harvest user credentials

  5. Scattered Spider’s Structure More Like a Cybercrime Collective Than a Unified Gang

    Group-IB analysis argued Scattered Spider is a decentralized collective of independent clusters

  6. UK Government Launches Cyber Resilience Pledge, Claiming 60+ Signatories

    More than 60 organizations, including M&S, Microsoft UK and Vodafone, have signed the UK government's Cyber Resilience Pledge, a new initiative aimed at boosting cyber security and resilience across British businesses

  7. Hackers Exploit Maximum Severity Adobe ColdFusion Flaw

    Threat actors are exploiting an Adobe ColdFusion vulnerability which has a CVSS score of 10.0

  8. Phishing Attacks Targeted Facebook Users With Fake Verification Offer

    Attacks also used a compromised chatbot in campaign to steal sensitive information from Business Users

  9. New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors

    Check Point researchers have identified a new cyber adversary targeting Israeli government and IT businesses, tracked as ‘Cavern Manticore’

  10. Indirect Prompt Injection in Web Content Targets AI Agents

    Zscaler found sites hiding prompt-injection text to manipulate AI agents into crypto payments

  11. Opera GX Flaw Let Sites Auto-Install Mods to Steal Data

    Opera GX flaw let sites automatically install mods to steal data from other pages, now patched

  12. NCA Issues Warning to Parents As Shared Child Photos Exploited by AI Tools

    IWF and NCA warn that growing numbers of images and videos are being manipulated into sexual abuse material

  13. Researchers Claim First Fully Agentic Ransomware: JadePuffer

    Researchers have revealed JadePuffer, the first agentic AI-powered ransomware campaign, highlighting how autonomous agents can automate cyber-attacks

  14. Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation

    The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say

  15. Warning Over “Industrialized” Cyber-Attacks After Ransomware Gang Partners With TeamPCP

    Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning

  16. FBI, Google Take Down NetNut Proxy Network Used by Cyber Threat Actors

    The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets

  17. Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits

    Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first

  18. Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware

    Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world

  19. NCSC Shares Tips on How to Make a Pen Tester’s Job Harder

    The NCSC has shared best practice advice from pen testers which could help improve system resilience

  20. Alleged Scattered Spider Member Extradited to US

    A teenager accused of hacking as part of Scattered Spider has been arrested

What’s Hot on Infosecurity Magazine?