Infosecurity News

  1. Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

    AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat

  2. UK: Tax Refund-Themed Phishing Slows in 2025

    Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025

  3. JLR Extends Production Halt After Cyber-Attack

    Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24

  4. API Threats Surge to 40,000 Incidents in 1H 2025

    Thales claims there were over 40,000 API incidents in the first half of 2025

  5. FinWise Bank Warns of Insider Data Breach

    An insider data breach at FinWise may have impacted 689,000 customers

  6. HybridPetya Mimics NotPetya, Adds UEFI Compromise

    HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass

  7. SEO Poisoning Targets Chinese Users with Fake Software Sites

    SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos

  8. AI-Forged Military IDs Used in North Korean Phishing Attack

    Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards

  9. CISA at Risk After OIG Accuses it of Wasting Federal Funds

    US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program

  10. Phishing Campaigns Drop RMM Tools for Remote Access

    Threat actors are using multiple lures to trick users into installing RMM tools

  11. Attackers Adopt Novel LOTL Techniques to Evade Detection

    HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns

  12. France Warns Apple Users of New Spyware Campaign

    Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency

  13. ICO Warns of Student-Led Data Breaches in UK Schools

    ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”

  14. CISA Launches Roadmap for the CVE Program

    The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement

  15. Fileless Malware Deploys Advanced RAT via Legitimate Tools

    A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory

  16. Wyden Urges FTC Investigation Over Ascension Ransomware Hack

    Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure

  17. Chinese APT Actor Compromises Military Firm with Novel Fileless Malware Toolset

    Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company

  18. France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks

    Compromised data includes personal data such as patients’ full names, ages, phone numbers and email addresses

  19. Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted

    US offers $11m as LockerGoga ransomware suspect becomes one of Europe’s most wanted men

  20. LNER Reveals Supply Chain Attack Compromised Customer Information

    Government-run train operator LNER has revealed details of a supplier data breach

Why not watch?

  1. Mastering Emerging Regulations: DORA, NIS2 and AI Act Compliance

  2. OT Security Ecosystem for Targeted Risk Reduction and Reporting

  3. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  4. Strategic AI in Cyber Defense: How to Stay Ahead Without Increasing Risk

What’s hot on Infosecurity Magazine?