Infosecurity News

  1. Time to Exploit Plummets as N-Day Flaws Dominate

    Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation

  2. North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

    Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware

  3. US Court Hands Crypto Scammer 20 Years in $73m Case

    A federal court has sentenced crypto-scammer Daren Li to 20 years in absentia

  4. FIRST Forecasts Record-Breaking 50,000+ CVEs in 2026

    This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed

  5. Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday

    Six actively exploited zero-day bug have been patched by Microsoft

  6. Phorpiex Phishing Delivers Low-Noise Global Group Ransomware

    High-volume phishing campaign delivers Phorpiex malware via malicious Windows Shortcut files

  7. “Digital Parasite” Warning as Attackers Favor Stealth for Extortion

    Picus Security warns of the increasingly sophisticated ways malicious activity is staying hidden

  8. New Mobile Spyware ZeroDayRAT Targets Android and iOS

    ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access

  9. Singapore Takes Down Chinese Hackers Targeting Telco Networks

    Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation

  10. NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure

    NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers

  11. European Governments Breached in Zero-Day Attacks Targeting Ivanti

    The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches

  12. New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

    Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution

  13. Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme

    Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms

  14. VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code

    VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds

  15. BridgePay Confirms Ransomware Attack, No Card Data Compromised

    The services of Florida-based payments platform BridgePay are offline due to a ransomware attack

  16. Social Media Platforms Earn Billions from Scam Ads

    Revolut claims social media sites make £3.8bn annually from scam ads targeting European users

  17. Researchers Find 40,000+ Exposed OpenClaw Instances

    SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack

  18. US Agencies Told to Scrap End of Support Edge Devices

    CISA has issued a new directive requiring federal agencies to decommission all end of support edge devices within 12 months to reduce ongoing exploitation risks

  19. Chinese-Made Malware Kit Targets Chinese-Based Routers and Edge Devices

    DKnife is a Chinese made malware framework that targets Chinese-based users

  20. Substack Confirms Data Breach, "Limited User Data" Compromised

    Substack did not specify the number of users affected by the data breach

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. Modernizing GRC: From Checkbox to Strategic Advantage

  4. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

What’s Hot on Infosecurity Magazine?