Infosecurity News
One in Eight Workers Has Sold Their Corporate Logins
Cifas says that 13% of employees admit selling company credentials to a former colleague
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
North Korean APT Targets Yanbian Gamers via Trojanized Platform
ESET warns that North Korean hackers compromised a Yanbian gaming site in a supply‑chain attack, trojanizing Windows and Android software to spy on users
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
Venomous#Helper attackers impersonate the US Social Security Administration to deploy signed RMM software and maintain persistent access across US networks
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use
NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave”
The UK's National Cyber Security Centre is urging organizations to prepare for glut of new software updates
Trellix Reveals Unauthorized Access to Source Code
Security vendor Trellix has suffered a breach involving unauthorized access
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices
OpenAI To Extend Cyber Program to Government Agencies
OpenAI announced its intention to expand the Trusted Access for Cyber program for cyber defenders at the federal, state and local government levels
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
The cybersecurity workers used their knowledge and skills to conduct ransomware attacks for notorious gang, rather than protect victims against them
Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher
A researcher from offensive security firm Theori has found a nine-year-old flaw in the Linux kernel with the help of AI
Three Arrested for Hacking Over 610,000 Roblox Accounts
Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces
Deep#Door Python Backdoor Evades Detection On Windows
Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials
CISA and Partners Publish Zero Trust Guidance For OT Security
A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability
UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels
The British public education sector has faced the nation’s most dramatic increase in cyber breach prevalence over the past year
Europol Busts Albanian Scam Call Centers in Major Online Fraud Case
European police arrested 10 suspects after dismantling Albanian scam call centers linked to a €50m ($58m) online investment fraud operation
Cyber is the Number One Global “People Risk,” Says Marsh
Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise
Cursor Extension Flaw Exposes Developer API Keys
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX
Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets
Researchers uncover a malicious npm dependency linked to an AI‑assisted code commit that steals sensitive data and exposes crypto wallets
