Infosecurity News

  1. New Rootkit Campaign Exploits Cisco SNMP Flaw to Gain Persistence

    Trend Micro have reported a campaign exploiting a flaw in Cisco SNMP to install Linux rootkits on devices

  2. AI Attacks Surge as Microsoft Process 100 Trillion Signals Daily

    Microsoft systems analyze over 100 trillion daily signals, suggesting dramatically increasing AI-driven cyber-threats

  3. LastPass Warns Customers It Has Not Been Hacked Amid Phishing Email Scam

    LastPass warns customers it has not been breached, after phishing emails falsely claim a hack and urge users to update their desktop app

  4. Over 23 Million Victims Hit by Data Breaches in Q3

    Data from the Identity Theft Resource Center reveals 23 million individuals victimized by breaches in Q3 2025

  5. F5 Reveals Nation State Breach and Urges Immediate Patching

    F5 has admitted a nation state actor has stolen source code and information on undisclosed vulnerabilities

  6. Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

    A flaw in the Slider Revolution plugin has exposed millions of WordPress sites to unauthorized file access

  7. Whisper 2FA Behind One Million Phishing Attempts Since July

    Whisper 2FA is now one of the most active PhaaS tools alongside Tycoon and EvilProxy, responsible for one million attacks since July 2025

  8. Last Windows 10 Patch Tuesday Features Six Zero-Days

    Microsoft has fixed over 170 CVEs in October’s Patch Tuesday, including six zero-day vulnerabilities

  9. Capita Fined £14m After 2023 Breach that Hit 6.6 Million People

    Outsourcing giant Capita has been fined £14m by the ICO after a major data breach in 2023

  10. UK, US Sanction Southeast Asia-Based Online Scam Network

    Investigations found that the network operates scam centers in Cambodia, Myanmar and across Southeast Asia

  11. Legacy Windows Protocols Still Expose Networks to Credential Theft

    Legacy Windows protocols are still exposing organizations to credential theft, Resecurity found

  12. Hacker Group TA585 Emerges With Advanced Attack Infrastructure

    A newly identified cybercrime group TA585 is running an advanced cyber operation distributing MonsterV2 malware

  13. Senior Execs Falling Short on Cyber-Attack Preparedness, NCSC Warns

    In a joint warning letter, UK ministers urged FTSE 350 CEOs to bolster cyber defenses

  14. Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence

    ReliaQuest report reveals Flax Typhoon attackers maintained year-long access to an ArcGIS system

  15. UK Firms Lose Average of £2.9m to AI Risk

    A new EY report claims unmanaged AI risk is causing millions of pounds’ worth of losses for UK organizations

  16. UK: NCSC Reports 130% Spike in "Nationally Significant" Cyber Incidents

    The UK cybersecurity agency reported 204 cyber incidents of “national significance” between September 2024 and August 2025 – an all-time high

  17. Hackers Target ScreenConnect Features For Network Intrusions

    A rise in attacks exploiting RMM tools like ScreenConnect enables system control via phishing tactics

  18. Spain Arrests Alleged Leader of GXC Team Cybercrime Network

    Spanish authorities have arrested a 25-year-old Brazilian accused of leading the GXC Team and selling malware and AI tools to cybercriminals

  19. New Stealit Malware Campaign Spreads via VPN and Game Installer Apps

    A new campaign distributing the Stealit infostealer employs previously unknown malware delivery techniques and infrastructure

  20. Apple Bug Bounty Payouts Can Now Top $5m

    Apple has doubled its top bug bounty reward to $2m but with bonuses it could reach $5m

Why Not Watch?

  1. Mastering Identity and Access for Non-Human Cloud Entities

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. From Chaos to Confidence: Establishing Trust in Every Cloud Interaction

  4. OT Security Ecosystem for Targeted Risk Reduction and Reporting

What’s Hot on Infosecurity Magazine?