Infosecurity News

  1. TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges

    An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for $200 per record before her arrest in January 2025

  2. Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites

    Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide

  3. A Quarter of UK and US Firms Suffer Data Poisoning Attacks

    New IO research reveals a surge in AI attacks attempting to corrupt underlying training data

  4. Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

    A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned

  5. Fifteen Ransomware Gangs “Retire,” Future Unclear

    Fifteen ransomware groups have claimed shutdown on BreachForums; experts warn of rebrands and copycats

  6. Gucci and Alexander McQueen Hit by Customer Data Breach

    The attack, which is linked to ShinyHunters, has reportedly compromised data relating to 7.4 million unique email addresses

  7. Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

    AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat

  8. UK: Tax Refund-Themed Phishing Slows in 2025

    Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025

  9. JLR Extends Production Halt After Cyber-Attack

    Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24

  10. API Threats Surge to 40,000 Incidents in 1H 2025

    Thales claims there were over 40,000 API incidents in the first half of 2025

  11. FinWise Bank Warns of Insider Data Breach

    An insider data breach at FinWise may have impacted 689,000 customers

  12. HybridPetya Mimics NotPetya, Adds UEFI Compromise

    HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass

  13. SEO Poisoning Targets Chinese Users with Fake Software Sites

    SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos

  14. AI-Forged Military IDs Used in North Korean Phishing Attack

    Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards

  15. CISA at Risk After OIG Accuses it of Wasting Federal Funds

    US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program

  16. Phishing Campaigns Drop RMM Tools for Remote Access

    Threat actors are using multiple lures to trick users into installing RMM tools

  17. Attackers Adopt Novel LOTL Techniques to Evade Detection

    HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns

  18. France Warns Apple Users of New Spyware Campaign

    Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency

  19. ICO Warns of Student-Led Data Breaches in UK Schools

    ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”

  20. CISA Launches Roadmap for the CVE Program

    The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement

Why not watch?

  1. Strategic AI in Cyber Defense: How to Stay Ahead Without Increasing Risk

  2. Modernise Application Delivery for the New Era

  3. Discover the Best Strategies to Scale & Optimize AI Applications

  4. The Invisible Frontline: Proactive Approaches to Browser Defense

What’s hot on Infosecurity Magazine?