Infosecurity News

  1. JLR Extends Production Halt After Cyber-Attack

    Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24

  2. API Threats Surge to 40,000 Incidents in 1H 2025

    Thales claims there were over 40,000 API incidents in the first half of 2025

  3. FinWise Bank Warns of Insider Data Breach

    An insider data breach at FinWise may have impacted 689,000 customers

  4. HybridPetya Mimics NotPetya, Adds UEFI Compromise

    HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass

  5. SEO Poisoning Targets Chinese Users with Fake Software Sites

    SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos

  6. AI-Forged Military IDs Used in North Korean Phishing Attack

    Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards

  7. CISA at Risk After OIG Accuses it of Wasting Federal Funds

    US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program

  8. Phishing Campaigns Drop RMM Tools for Remote Access

    Threat actors are using multiple lures to trick users into installing RMM tools

  9. Attackers Adopt Novel LOTL Techniques to Evade Detection

    HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns

  10. France Warns Apple Users of New Spyware Campaign

    Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency

  11. ICO Warns of Student-Led Data Breaches in UK Schools

    ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”

  12. CISA Launches Roadmap for the CVE Program

    The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement

  13. Fileless Malware Deploys Advanced RAT via Legitimate Tools

    A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory

  14. Wyden Urges FTC Investigation Over Ascension Ransomware Hack

    Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure

  15. Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset

    Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company

  16. France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks

    Compromised data includes personal data such as patients’ full names, ages, phone numbers and email addresses

  17. Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted

    US offers $11m as LockerGoga ransomware suspect becomes one of Europe’s most wanted men

  18. LNER Reveals Supply Chain Attack Compromised Customer Information

    Government-run train operator LNER has revealed details of a supplier data breach

  19. KillSec Ransomware Hits Brazilian Healthcare IT Vendor

    A ransomware attack by KillSec on Brazil software provider MedicSolution threatens healthcare, impacting providers and patients

  20. Cursor Autorun Flaw Lets Repositories Execute Code Without Consent

    A flaw in the Cursor extension allows unauthorized code execution when opening repositories in Visual Studio

Why not watch?

  1. Discover the Best Strategies to Scale & Optimize AI Applications

  2. How to Tame API Risks and Secure Your Digital Domain

  3. Modernise Application Delivery for the New Era

  4. Strategic AI in Cyber Defense: How to Stay Ahead Without Increasing Risk

What’s hot on Infosecurity Magazine?