Infosecurity News

  1. UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%

    The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two months to just over a week

  2. ‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested

    International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes

  3. Aeternum Botnet Shifts Command Control to Polygon Blockchain

    New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts

  4. Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify

    2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities

  5. Exploitable Vulnerabilities Present in 87% of Organizations

    Datadog report reveals two-fifths of services are affected by exploitable bugs

  6. UK's Data Watchdog Gets a Makeover to Match Growing Demands

    The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up

  7. Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign

    UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation

  8. Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day

    The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

  9. 44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds

    IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws

  10. Malicious NuGet Package Targets Stripe Developers

    Malicious NuGet package mimicking Stripe's library targeted developers

  11. Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days

    A former general manager of a US defense contractor has been sentenced after selling zero days to Russia

  12. ICO’s £14m Reddit Fine Highlights Age Check Privacy Concerns

    The UK’s ICO has fined Reddit over £14m for failing to use children’s personal information lawfully

  13. Cost of Insider Incidents Surges 20% to Nearly $20m

    DTEX claims insider incidents cost $19.5m in 2025, with employee negligence most expensive

  14. Multifaceted Phishing Scheme Deceives Bitpanda Customers

    Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information

  15. North Korean Lazarus Group Expands Ransomware Activity With Medusa

    Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks

  16. AI Accelerates Attacker Breakout Time to Just Four Minutes

    ReliaQuest claims AI has reduced breakout and exfiltration time to under 10 minutes

  17. Chinese AI Firms Hit Claude with Distillation Attacks, Anthropic Warns

    Anthropic accused DeepSeek, Moonshot and MiniMax of illicitly using Claude to steal some of the AI model’s capabilities

  18. AI-powered Cyber-Attacks Up Significantly in the Last Year, Warns CrowdStrike

    CrowdStrike Global Threat Report warns how adversaries are leveraging AI to make campaigns more efficient and more effective

  19. Shai-Hulud-Like Worm Targets Developers via npm and AI Tools

    Supply chain worm mimicking Shai-Hulud malware spread via malicious npm packages, targeting AI tools has been identified by security researchers

  20. Fraud Investigation Reveals Sophisticated Python Malware

    Sophisticated Python malware uncovered in fraud probe shows obfuscation, disposable infrastructure

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. How To Enhance Security Operations with AI-Powered Defenses

  4. Why Your Organisation Needs Trusted Time Synchronisation

What’s Hot on Infosecurity Magazine?