Infosecurity News
GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack
GlobalLogic has notified 10,000 employees their data was stolen in the Oracle EBS campaign
Cyber-Insurance Payouts Soar 230% in UK
UK cyber-insurers paid 230% more to policyholders in 2024 than the year before
Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday
Microsoft has patched a zero-day vulnerability in the Windows Kernel under active exploitation by threat actors
UK Government Finally Introduces Cyber Security and Resilience Bill
The UK government is overhauling cybersecurity laws for the first time since 2018 with the Cyber Security and Resilience Bill
Android Devices Targeted By KONNI APT in Find Hub Exploitation
A new cyber-attack has been observed exploiting Google Find Hub to remotely wipe Android devices, linked to North Korean APTs
Qilin Ransomware Activity Surges as Attacks Target Small Businesses
Qilin group ransomware incidents have surged in SMBs, exploiting security gaps and collaborating with Scattered Spider threat group
Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers
CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV
CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks
Quantum Route Redirect Phishing Kit Democratizes Cyber-Attacks
KnowBe4 claims the new Quantum Route Redirect kit is supercharging phishing attacks on Microsoft365 users
65% of Leading AI Companies Found With Verified Secrets Leaks
A new study has revealed 65% of top AI firms have leaked sensitive data on GitHub, risking $400bn in assets
China-Aligned UTA0388 Uses AI Tools in Global Phishing Campaigns
Volexity has linked spear phishing operations to China-aligned UTA0388 in new campaigns using advanced tactics and LLMs
New NCA Campaign Warns Men Off Crypto Investment Scams
The UK’s National Crime Agency is warning men under 45 that crypto dreams can soon become a scam nightmare
NCSC Set to Retire Web Check and Mail Check Tools
The UK’s National Cyber Security Centre has urged users of its Web Check and Mail Check services to find alternatives
Russian Hacking Group Sandworm Deploys New Wiper Malware in Ukraine
Sandworm deployed data wipers against Ukrainian governmental entities and companies in the energy, logistics and grain sectors
“I Paid Twice” Phishing Campaign Targets Booking.com
Experts have uncovered large-scale phishing exploiting Booking.com, Airbnb and Expedia accounts, targeting hotels and customers
Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models
A new Cisco report exposed large language models to multi-turn adversarial attacks with 90% success rates
Hacktivist-Driven DDoS Dominates Attacks on Public Sector
ENISA report reveals DDoS accounted for 60% of public sector security incidents last year
AI-Enabled Malware Now Actively Deployed, Says Google
Google warns of “just-in-time AI” malware using LLMs to evade detection and generate malicious code on-demand
Google Forecasts Rise of Cyber-Physical Attacks Targeting Europe in 2026
Europe will likely face a combination of heightened cyber-physical attacks and information operations coming from nation-state groups in 2026
Operation Chargeback Uncovers €300m Fraud Scheme in 193 Countries
Operation “Chargeback” has dismantled global fraud networks misusing stolen card data from more than 4.3 million victims
