Infosecurity News

  1. CISA Issues Advisories on Critical ICS Vulnerabilities Across Multiple Sectors

    The US CISA has issued advisories for Industrial Control Systems vulnerabilities affecting multiple vendors including Johnson Controls, ABB, Hitachi Energy, and Schneider Electric

  2. Russia Linked to New Malware Targeting Email Accounts for Espionage

    Russian military intelligence-linked hackers are using a new malware called “Authentic Antics” to secretly access Microsoft cloud email accounts, the UK's NCSC reports

  3. New “LameHug” Malware Deploys AI-Generated Commands

    Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector

  4. AI-Generated Lcryx Ransomware Discovered in Cryptomining Botnet

    A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations

  5. Retail Becomes New Target as Healthcare Ransomware Attacks Slow

    Comparitech found that healthcare ransomware attacks rose 4% in H1 2025, a significantly lower rate than the cross-sector average of 50%

  6. Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads

    A new malware campaign uses GitHub to deliver payloads via Amadey botnet, bypassing email distribution

  7. AI Cloaking Tools Enable Harder-to-Detect Cyber-Attacks

    Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites

  8. One in 12 US/UK Employees Uses Chinese GenAI Tools

    Harmonic Security raises the alarm as one in 12 British and American employees uses Chinese GenAI tools

  9. Microsoft Exposes Scattered Spider’s Latest Tactics

    Microsoft has reported Scattered Spider continues to evolve tactics to compromise both on-premises infrastructure and cloud environments

  10. US Data Breaches Head for Another Record Year After 11% Surge

    There were 1732 publicly reported US data breaches in the first half of 2025, according to the latest ITRC report

  11. Most European Financial Firms Still Lagging on DORA Compliance

    A Veeam survey found that 96% of financial services organizations believe their current levels of data resilience falls short of DORA compliance, citing major challenges

  12. SquidLoader Malware Campaign Targets Hong Kong Financial Sector

    A new malware campaign targeting Hong Kong finance has been identified, featuring SquidLoader to deploy Cobalt Strike Beacon

  13. Pro-Russian Cybercrime Network Demolished in Operation Eastwood

    A Europol coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as a number of arrests

  14. Over 5.4 Million Affected in Healthcare Data Breach at Episource

    A data breach at Episource has exposed the personal information of 5.4 million individuals after attackers accessed systems for 10 days

  15. Retail Ransomware Attacks Jump 58% Globally in Q2 2025

    BlackFog found that publicly disclosed ransomware attacks on retail grew significantly in Q2 compared to Q1, with UK firms heavily targeted

  16. Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack

    Cloudflare highlighted a huge rise in hyper-volumetric DDoS attacks in Q2 2025, with attackers seeking to overwhelm defenses

  17. Education Sector is Most Exposed to Remote Attacks

    CyCognito research finds that a third of education sector APIs, web apps and cloud assets are exposed to attack

  18. Co-op Aims to Divert More Young Hackers into Cyber Careers

    The Co-op is teaming up with The Hacking Games to inspire pathways into ethical cybersecurity careers

  19. MITRE Launches New Framework to Tackle Crypto Risks

    MITRE has introduced AADAPT framework, a new cybersecurity framework aimed at mitigating risks in digital financial systems like cryptocurrency

  20. Threat Actors Exploit SVG Files in Stealthy JavaScript Redirects

    A new phishing campaign uses SVG files for JavaScript redirects, bypassing traditional detection methods

What’s hot on Infosecurity Magazine?