Infosecurity News

  1. Cyber Readiness Stalls Despite Confidence in Incident Response

    New Immersive report finds cyber resilience and decision making are flatlining

  2. US: Five Plead Guilty in North Korean IT Worker Fraud Scheme

    The five defendants allegedly assisted North Korean hackers with obtaining remote IT employment with US companies

  3. Cyber-Attack Costs Carmaker JLR $258m in Q2

    Carmaker JLR has posted $639m Q2 losses and a one-off $258m hit after a major ransomware attack

  4. Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

    Anthropic’s Claude Code AI assistant performed 80% to 90% of the tasks involved in a recent cyber-attack campaign, said Anthropic researchers

  5. Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

    Akira ransomware has extorted $244M since September 2025, with some attacks exfiltrating data in just two hours, a joint cybersecurity advisory warns

  6. Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

    Google filed a civil lawsuit against 25 individuals accused of ties to a Chinese cyber collective known as the ‘Smishing Triad’

  7. “IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

    A new npm worm dubbed “IndonesianFoods” has doubled the number of known malicious packages

  8. CISO Pay Increases 7% As Budget Growth Slows

    An IANS study finds CISO compensation rose 6.7% on average in 2025 while budget growth halved compared to 2024

  9. Operation Endgame 3.0 Dismantles Three Major Malware Networks

    A global law enforcement operation has taken down the Rhadamanthys infostealer, VenomRAT trojan and the Elysium botnet

  10. Improve Collaboration to Hit Back At Rising Fraud, Says techUK

    Industry body techUK calls for real-time intelligence sharing across sectors to combat fraud

  11. Synnovis Finally Issues Breach Notification After 2024 Ransomware Attack

    NHS provider Synnovis is notifying clients about the extent of a data breach 17 months after it suffered a ransomware attack

  12. GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

    GlobalLogic has notified 10,000 employees their data was stolen in the Oracle EBS campaign

  13. Cyber-Insurance Payouts Soar 230% in UK

    UK cyber-insurers paid 230% more to policyholders in 2024 than the year before

  14. Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

    Microsoft has patched a zero-day vulnerability in the Windows Kernel under active exploitation by threat actors

  15. UK Government Finally Introduces Cyber Security and Resilience Bill

    The UK government is overhauling cybersecurity laws for the first time since 2018 with the Cyber Security and Resilience Bill

  16. Android Devices Targeted By KONNI APT in Find Hub Exploitation

    A new cyber-attack has been observed exploiting Google Find Hub to remotely wipe Android devices, linked to North Korean APTs

  17. Qilin Ransomware Activity Surges as Attacks Target Small Businesses

    Qilin group ransomware incidents have surged in SMBs, exploiting security gaps and collaborating with Scattered Spider threat group

  18. Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

    Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers

  19. CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV

    CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks

  20. Quantum Route Redirect Phishing Kit Democratizes Cyber-Attacks

    KnowBe4 claims the new Quantum Route Redirect kit is supercharging phishing attacks on Microsoft365 users

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  3. OT Security Ecosystem for Targeted Risk Reduction and Reporting

  4. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

What’s Hot on Infosecurity Magazine?