Infosecurity News
Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps
2 security vulnerabilities in the Chainlit framework expose risks from web flaws in AI applications
Prompt Injection Bugs Found in Official Anthropic Git MCP Server
Three vulnerabilities in Anthropic's Git server for the MCP can be exploited via prompt injection
Cyber Risks Among CEOs’ Top Worries Amid Weak Short Term Growth Outlook
PwC’s 29th Global CEO Survey shows cyber risk rising to the top of CEO concerns as confidence in short term business growth weakens
Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
AI Supercharges Attacks in Cybercrime's New 'Fifth Wave'
Weaponized AI is fueling a new wave of cybercrime, said Group-IB in its latest report
Scam Marketplace Tudou Guarantee Shutters Telegram Ops
A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups
Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access
New malware PDFSIDER enables covert, long-term access to compromised systems via advanced techniques
Russian Hacktivists Intensify Disruptive Cyber Pressure on UK Orgs
UK NCSC warned of disruptive cyber attacks by Russian hacktivists targeting critical infrastructure
Malicious Google Chrome Extensions Hijack Workday and Netsuite
Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store
Suspects Linked to Black Basta Ransomware Group Raided in Ukraine
Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists
Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
UK firms face confluence of cyber-related risks in 2026, says Nardello & Co
Researchers Exploit Bug in StealC Infostealer to Collect Evidence
CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
Account Compromise Surged 389% in 2025, Says eSentire
An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025
RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave
Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet
Global Agencies Release New Guidance to Secure Industrial Networks
CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments
Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion
While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data
CodeBuild Flaw Put AWS Console Supply Chain At Risk
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
Cyber Threat Actors Ramp Up Attacks on Industrial Environments
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report
CISO Role Reaches “Inflexion Point” With Executive-Level Titles
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges
