Infosecurity News

  1. French Telco Orange Hit by Cyber-Attack

    Some of Orange’s professional and consumer services may be disrupted for a few days because of the cyber incident

  2. Critical Authentication Flaw Identified in Base44 Vibe Coding Platform

    Flaw in Base44 allowed unauthorized access to private apps, bypassing authentication systems

  3. Auto-Color Backdoor Malware Exploits SAP Vulnerability

    Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324

  4. CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine

    Hackers are actively exploiting two critical flaws in Cisco Identity Services Engine, said the US Cybersecurity and Infrastructure Security Agency

  5. FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang

    The federal government has applied for forfeiture of the funds, which were seized by FBI Dallas in April 2025

  6. Charity Fined After Destroying “Irreplaceable” Records

    A Scottish charity has been fined £18,000 for systematic data protection failings

  7. Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights

    Two pro-Ukraine hacktivists have claimed responsibility for a destructive attack on Aeroflot

  8. Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

    10,000 WordPress sites vulnerable to takeover due to critical flaws in HT Contact Form Widget plugin

  9. New Scattered Spider Tactics Target VMware vSphere Environments

    Scattered Spider has targeted VMware vSphere environments, exploiting retail, airline and insurance sectors

  10. Third-Party Breach Impacts Majority of Allianz Life US Customers

    Insurance firm Allianz Life said that a threat actor accessed personally identifiable information of the majority of its 1.4 million US customers

  11. Naval Group Denies Hack Claims, Alleges "Reputational Attack"

    Despite claims by a hacker, French defense company Naval Group has detected no intrusions into its IT environments at the time of writing

  12. US Woman Gets Eight Years for Part in $17m North Korean Scheme

    Arizonan woman sentenced to 102 months for operating laptop farm for North Korean IT workers

  13. Dating App Breach Exposes Images of 13,000 Women

    Dating app Tea has been compromised by a hacker, resulting in the exposure of 13,000 selfies

  14. BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate

    The US and partners from nine countries have taken down part of the ransomware group’s infrastructure

  15. Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances

    Sygnia observed Chinese cyber campaign dubbed Fire Ant deploying sophisticated techniques to gain full compromise of victim environments, discovering isolated assets

  16. New Chaos Ransomware Emerges, Launches Wave of Attacks

    Cisco Talos warned that the Chaos group, thought to be formed of former BlackSuit members, has launched a wave of attacks targeted a variety of sectors

  17. Malware Campaign Masquerades as Dating Apps to Steal Data

    A large-scale malware campaign known as SarangTrap has been observed using fake dating apps to steal personal data, targeting South Korean users

  18. FBI Exposes The Com’s Criminal Activities and Involvement of Minors

    The US FBI has issued public announcements warning families of The Com, an online criminal network involving minors in various illicit activities

  19. Ransomware Deployed in Compromised SharePoint Servers

    Microsoft said Chinese actor Storm-2603 is deploying Warlock ransomware following the exploitation of vulnerabilities in on-prem SharePoint systems

  20. UK and Romania Crack Down on ATM Fraudster Network

    Investigators assessed that the criminal group’s stolen funds amount to €580,000

What’s hot on Infosecurity Magazine?