Infosecurity News

  1. Mandatory Ransomware Payment Disclosure Begins in Australia

    Australian firms with an annual turnover of AUS $3m are now required to report any payments to ransomware groups to authorities

  2. US Banks Urge SEC to Repeal Cyber Disclosure Rule

    Five major banking associations in the US claim the new SEC cyber incident disclosure rule puts a strain on their resources

  3. FBI Flags Philippines Tech Company Behind Crypto Scam Infrastructure

    The FBI provided details of Funnull’s malicious activities, selling infrastructure to criminal groups to facilitate cryptocurrency fraud in the US

  4. UK MoD Launches New Cyber Warfare Command

    The UK MoD has unveiled a new Cyber and Electromagnetic Command, which will focus on offensive cyber operations and “electromagnetic warfare” capabilities

  5. CISA Urged to Enrich KEV Catalog with More Contextual Data

    Security teams should use vulnerability context alongside KEV lists to prioritize patching, OX argued

  6. ConnectWise Confirms Hack, “Very Small Number” of Customers Affected

    The firm’s remote monitoring management tool, ScreenConnect, has reportedly been patched

  7. New Browser Exploit Technique Undermines Phishing Detection

    Fullscreen Browser-in-the-Middle attacks are making it harder for users to detect malicious websites

  8. Malware Analysis Reveals Sophisticated RAT With Corrupted Headers

    Fortinet has identified a new Windows RAT operating stealthily on compromised systems with advanced evasion techniques

  9. Thousands of ASUS Routers Hijacked in Stealthy Backdoor Campaign

    A threat actor has used ASUS routers’ legitimate features to create persistent backdoors that survive firmware updates and reboots

  10. Cybersecurity Teams Generate Average of $36M in Business Growth

    A new EY report found that cybersecurity teams are a major vehicle for business growth, and CISOs should push for a seat at the top table

  11. #Infosec2025: Over 90% of Top Email Domains Vulnerable to Spoofing Attacks

    EasyDMARC found that just 7.7% of the world’s top 1.8 million email domains have implemented the most stringent DMARC policy

  12. Ivanti Vulnerability Exploit Could Expose UK NHS Data

    Two NHS England trusts could see highly sensitive patient records exposed

  13. Fake Bitdefender Site Spreads Trio of Malware Tools

    A spoofed Bitdefender site has been used in a malicious campaign distributing VenomRAT and other malware, according to DomainTools

  14. Czech Republic Accuses China of Government Hack

    This is the first time Czech authorities have officially called out a nation-state over a cyber-attack

  15. Microsoft OneDrive Flaw Exposes Users to Data Overreach Risks

    A flaw in OneDrive File Picker has exposed millions to data overreach through excessive OAuth permissions

  16. Adidas Customer Data Stolen in Third-Party Attack

    Adidas revealed that customer contact information, including names, emails and phone numbers were accessed by an unauthorized party

  17. Vietnam-Nexus Hackers Distribute Malware Via Fake AI Video Generator Websites

    A Vietnam-nexus hacking group distributes infostealers and backdoors via social media ads promoting fake AI generator websites

  18. New Russian State Hacking Group Hits Europe and North America

    A newly-discovered Russian group, Void Blizzard, has successfully compromised organizations in critical industries, Microsoft warned

  19. DragonForce Ransomware Leveraged in MSP Attack Using RMM Tool

    A targeted cyber-attack on an MSP exploited flaws in remote management tools, resulting in ransomware deployment and data theft

  20. Malicious Machine Learning Model Attack Discovered on PyPI

    A novel attack exploited machine learning models on PyPI, using zipped Pickle files to deliver infostealer malware

What’s hot on Infosecurity Magazine?