Infosecurity News

  1. Researchers Find 40,000+ Exposed OpenClaw Instances

    SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack

  2. US Agencies Told to Scrap End of Support Edge Devices

    CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks

  3. Chinese-Made Malware Kit Targets Chinese-Based Routers and Edge Devices

    DKnife is a Chinese made malware framework that targets Chinese-based users

  4. Substack Confirms Data Breach, "Limited User Data" Compromised

    Substack did not specify the number of users affected by the data breach

  5. New Cyber Startup Programme to Debut at Infosecurity Europe 2026

    Infosecurity Europe 2026 will debut a new Cyber Startup Programme, featuring a dedicated show-floor zone for early-stage cybersecurity companies to showcase innovations, connect with investors and highlight emerging technologies

  6. Malicious Commands in GitHub Codespaces Enable RCE

    Flaws in GitHub Codespaces allow RCE via crafted repositories or pull requests

  7. Smartphones Now Involved in Nearly Every Police Investigation

    Cellebrite data confirms digital evidence is now central to almost all cases

  8. New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

    Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation

  9. AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+

    Pindrop warns of 1210% increase in AI-powered fraud last year

  10. Global SystemBC Botnet Found Active Across 10,000 Infected Systems

    SystemBC malware linked to 10,000 infected IPs, posing risks to sensitive government infrastructure

  11. New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure

    ShadowSyndicate cluster expands with new SSH fingerprints connecting servers to other ransomware ops

  12. AI Drives Doubling of Phishing Attacks in a Year

    Cofense claims AI is making phishing emails more personalized and sophisticated

  13. Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

    Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks

  14. SolarWinds Web Help Desk Vulnerability Actively Exploited

    CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog

  15. Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw

    A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project

  16. SQL Injection Flaw Affects 40,000 WordPress Sites

    40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin

  17. DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

    DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon

  18. UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery

    UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform

  19. Researchers Warn of New “Vect” RaaS Variant

    A new ransomware-as-a-service operation dubbed “Vect” features custom malware

  20. Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France

    Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. How To Enhance Security Operations with AI-Powered Defenses

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?