Infosecurity News
Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence
ReliaQuest report reveals Flax Typhoon attackers maintained year-long access to an ArcGIS system
UK Firms Lose Average of £2.9m to AI Risk
A new EY report claims unmanaged AI risk is causing millions of pounds’ worth of losses for UK organizations
UK: NCSC Reports 130% Spike in "Nationally Significant" Cyber Incidents
The UK cybersecurity agency reported 204 cyber incidents of “national significance” between September 2024 and August 2025 – an all-time high
Hackers Target ScreenConnect Features For Network Intrusions
A rise in attacks exploiting RMM tools like ScreenConnect enables system control via phishing tactics
Spain Arrests Alleged Leader of GXC Team Cybercrime Network
Spanish authorities have arrested a 25-year-old Brazilian accused of leading the GXC Team and selling malware and AI tools to cybercriminals
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure
Apple Bug Bounty Payouts Can Now Top $5m
Apple has doubled its top bug bounty reward to $2m but with bonuses it could reach $5m
FBI and French Police Shutter BreachForums Domain Again
The infamous BreachForums site has been taken offline again to disrupt Scattered Lapsus$ Hunters
Google Launches AI Bug Bounty with $30,000 Top Reward
Google has introduced a new AI Vulnerability Reward Program offering up to $30,000 for bug discoveries in its AI products
Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit
GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9
Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot
Forescout said that the TwoNet actor was lured into attacking a honeypot disguised as a water treatment utility, providing insights into the group’s tactics
Researchers Warn of Security Gaps in AI Browsers
A new report from SquareX Labs highlights security weaknesses in AI browsers like Comet, revealing new cyber-risks
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data
All SonicWall Cloud Backup Users Have Firewall Configuration Files Stolen
SonicWall said that a threat actor has accessed files containing encrypted credentials and configuration data for all customers who have used its cloud backup service
ICO’s £7.5m Clearview AI Fine a Step Closer After Legal Victory
The ICO has won an Upper Tribunal appeal against Clearview AI over its ability to fine the company
NCSC: Observability and Threat Hunting Must Improve
The UK’s National Cyber Security Centre has released new guidance to help firms improve observability and threat hunting
High Number of Windows 10 Users Remain as End-of-Life Looms
A new report from TeamViewer found that 40% of global endpoints still run Windows 10, just days before security updates and support ends for the operating system
Nezha Tool Used in New Cyber Campaign Targeting Web Applications
A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT
Digital Fraud Costs Companies Worldwide 7.7% of Annual Revenue
According to TransUnion, digital fraud has cost companies $534bn in losses globally with US business hit hardest
Cyber-Attack Contributes to Huge Sales Drop at JLR
Jaguar Land Rover has reported a 25% drop in volume sales in the three months up to September 30, largely due to the impact of the ongoing cyber incident
