Infosecurity News

  1. Indirect Prompt Injection in Web Content Targets AI Agents

    Zscaler found sites hiding prompt-injection text to manipulate AI agents into crypto payments

  2. Opera GX Flaw Let Sites Auto-Install Mods to Steal Data

    Opera GX flaw let sites automatically install mods to steal data from other pages, now patched

  3. NCA Issues Warning to Parents As Shared Child Photos Exploited by AI Tools

    IWF and NCA warn that growing numbers of images and videos are being manipulated into sexual abuse material

  4. Researchers Claim First Fully Agentic Ransomware: JadePuffer

    Researchers have revealed JadePuffer, the first agentic AI-powered ransomware campaign, highlighting how autonomous agents can automate cyber-attacks

  5. Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation

    The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say

  6. Warning Over “Industrialized” Cyber-Attacks After Ransomware Gang Partners With TeamPCP

    Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning

  7. FBI, Google Take Down NetNut Proxy Network Used by Cyber Threat Actors

    The NetNut proxy network and the ‘Popa’ botnet are known to have infected devices with variants of Mirai DDoS botnets

  8. Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits

    Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first

  9. Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware

    Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world

  10. NCSC Shares Tips on How to Make a Pen Tester’s Job Harder

    The NCSC has shared best practice advice from pen testers which could help improve system resilience

  11. Alleged Scattered Spider Member Extradited to US

    A teenager accused of hacking as part of Scattered Spider has been arrested

  12. Fileless Malware Abuses Google Blogspot to Deploy Infostealer in Memory

    Securonix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memory

  13. Brazilian Banking Trojan Ousaban Targets Spain and Portugal

    FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing

  14. Anthropic's Fable 5 and Mythos 5 Are Back with New Security Guardrails

    The new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases”

  15. Microsoft Accelerates Quantum-Safe Push with New Timeline

    Microsoft has brought forward its timelines for transitioning to post-quantum cryptography (PQC)

  16. Insurance Giant Aflac Discloses Data Breach Impacting Millions

    Aflac Japan has notified regulators that policy details and personal and banking information have been compromised

  17. Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day

    Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign

  18. Critical SimpleHelp Vulnerability Exploited For Malware Delivery

    Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware

  19. ClickFix Now Cybercriminals' Favorite Malware Delivery Technique

    ReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS users

  20. Hackers Leverage Blockchain to Hit Japan's Hotels Through Booking.com Phishing

    A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware

What’s Hot on Infosecurity Magazine?