Infosecurity News
Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
AI Supercharges Attacks in Cybercrime's New 'Fifth Wave'
Weaponized AI is fueling a new wave of cybercrime, said Group-IB in its latest report
Scam Marketplace Tudou Guarantee Shutters Telegram Ops
A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups
Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access
New malware PDFSIDER enables covert, long-term access to compromised systems via advanced techniques
Russian Hacktivists Intensify Disruptive Cyber Pressure on UK Orgs
UK NCSC warned of disruptive cyber attacks by Russian hacktivists targeting critical infrastructure
Malicious Google Chrome Extensions Hijack Workday and Netsuite
Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store
Suspects Linked to Black Basta Ransomware Group Raided in Ukraine
Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists
Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
UK firms face confluence of cyber-related risks in 2026, says Nardello & Co
Researchers Exploit Bug in StealC Infostealer to Collect Evidence
CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence
TamperedChef Malvertising Campaign Drops Malware via Fake PDF Manuals
TamperedChef creates backdoors and steals user credentials – particularly in organizations reliant on technical equipment
Account Compromise Surged 389% in 2025, Says eSentire
An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025
RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave
Check Point Research has reported a surge in attacks on a vulnerability in HPE OneView, driven by the Linux-based RondoDox botnet
Global Agencies Release New Guidance to Secure Industrial Networks
CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments
Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion
While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data
CodeBuild Flaw Put AWS Console Supply Chain At Risk
A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack
Cyber Threat Actors Ramp Up Attacks on Industrial Environments
Hacktivists and cybercriminals have intensified their efforts to exploit vulnerabilities in industrial systems, according to a Cyble report
CISO Role Reaches “Inflexion Point” With Executive-Level Titles
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges
Data Privacy Teams Face Staffing Shortages and Budget Constraints, ISACA Warns
ISACA’s State of Privacy 2026 report reveals that data privacy teams remain understaffed and underfunded, despite growing regulatory demands and rising technical privacy challenges
ICE Agent Doxxing Site DDoS-ed Via Russian Servers
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security
Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft
RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions
