Infosecurity News
Malicious Google Chrome Extensions Hijack Workday and Netsuite
Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store
Suspects Linked to Black Basta Ransomware Group Raided in Ukraine
Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists
Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
UK firms face confluence of cyber-related risks in 2026, says Nardello & Co
Researchers Exploit Bug in StealC Infostealer to Collect Evidence
CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
Account Compromise Surged 389% in 2025, Says eSentire
An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025
RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave
Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet
Global Agencies Release New Guidance to Secure Industrial Networks
CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments
Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion
While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data
CodeBuild Flaw Put AWS Console Supply Chain At Risk
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
Cyber Threat Actors Ramp Up Attacks on Industrial Environments
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report
CISO Role Reaches “Inflexion Point” With Executive-Level Titles
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges
Data Privacy Teams Face Staffing Shortages and Budget Constraints, ISACA Warns
ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges
ICE Agent Doxxing Site DDoS-ed Via Russian Servers
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security
Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions
Hackers Use Fake PayPal Notices to Steal Credentials, Deploy RMMs
Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools
DeadLock Ransomware Uses Polygon Smart Contracts For Proxy Rotation
A new DeadLock ransomware operation uses Polygon blockchain smart contracts to manage proxy server addresses
G7 Sets 2034 Deadline for Finance to Adopt Quantum-Safe Systems
The financial sector should finalize its post-quantum cryptography transition circa 2034, G7 cyber experts said
Microsoft Fixes Three Zero-Days on Busy Patch Tuesday
Microsoft has patched three zero-day vulnerabilities in the first patch Tuesday of 2026, including one under active exploitation
Impersonation Fraud Drives Record $17bn in Crypto Losses
Chainalysis estimates $17bn will be lost to crypto scams in 2025 as AI takes hold
