Infosecurity News
Hawaiian Airlines Hit by Cybersecurity Incident
The US airline said that incident was affecting some of its IT systems, but flights are continuing to operate safely and as scheduled
CitrixBleed 2 Vulnerability Exploited, Recalling Earlier CitrixBleed Fallout
This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest
MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge
GreyNoise observed a surge in scanning activity targeting MOVEit Transfer systems since May 27, indicating the software could face renewed attacks
Hundreds of MCP Servers at Risk of RCE and Data Leaks
Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats
Patient Death Linked to NHS Cyber-Attack
A patient’s death was linked to the 2024 ransomware attack on Synnovis, which disrupted NHS facilities
ClickFix Attacks Surge 517% in 2025
The ClickFix social engineering technique has become the second most common attack vector, behind only phishing, according to ESET research
French Authorities Arrest Four with Suspected Ties to Notorious BreachForums
The hackers are also suspected of being behind several cyber-attacks, including against the French Football Federation
Interpol Warns of Rapid Rise in Cybercrime on African Continent
Interpol claims cybercrime has risen sharply in Africa with cyber-offences accounting for a "medium-to-high" share of all crime
Supply Chain Incident Imperils Glasgow Council Services and Data
Glasgow City Council has warned of service disruption and potential data loss after a security incident
Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa
The threat actor used a combination of open-source and publicly available tools to establish their attack framework
NSA and CISA Urge Adoption of Memory Safe Languages for Safety
NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software
Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery
Semperis estimates that at least 15,000 enterprise SaaS applications are still vulnerable to a flaw discovered in 2023
SAP GUI Input History Found Vulnerable to Weak Encryption
Two SAP GUI vulnerabilities have been identified exposing sensitive data due to weak encryption in input history features
Ransomware Attacks Dip in May Despite Persistent Retail Targeting
NCC Group found that ransomware attacks fell for the third consecutive month in May 2025, despite a surge in incidents impacting retailers
UK Ransom Payments Double as Victims Fall Behind Global Peers
UK ransomware victims are paying extortionists twice as much as a year ago
Common Good Cyber Fund Launched to Support Non-Profit Security Efforts
The Common Good Cyber Fund will receive funding from the UK and Canadian governments, with further pledges from G7 nations
Half of Customer Signups Are Now Fraudulent
Okta says over 46% of new customer registrations are bot-driven fraud attempts
Lessons from Helsinki: NCSC-FI's Role in Mitigating a Major Data Breach
A representative of NCSC-FI shared some lessons learned from a 2024 data breach affecting the Finnish capital
Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards
A long-running malware campaign targeting WordPress via a rogue plugin has been observed skimming data, stealing credentials and user profiling
Mclaren Health Care Data Breach Impacts Over 743,000 Patients
Data breach at McLaren Health Care affecting over 743,000 individuals has been linked to a ransomware attack