Infosecurity News
SIM Swapping Fraud Surges in the Middle East
SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data
Surge in Malicious Software Packages Exploits System Flaws
A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems
UK AI Research Under Threat From Nation-State Hackers
The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research
Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure
Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery
Texas Developer Convicted After Kill Switch Sabotage Plot
Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins
Number of Unauthorized Cobalt Strike Copies Plummets 80%
Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years
Ransomware Groups Favor Repeatable Access Over Mass Vulnerability Exploits
Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023
Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags
AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection
Medusa Ransomware Claims 40+ Victims in 2025, Confirmed Healthcare Attacks
Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m
Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites
An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites
Attackers Target Japanese Firms with Cobalt Strike
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence
Cybersecurity Job Satisfaction Plummets, Women Hit Hardest
Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2
Six Critical Infrastructure Sectors Failing on NIS2 Compliance
Enisa identifies six sectors that it says must improve on NIS2 compliance
US Charges Members of Chinese Hacker-for-Hire Group i-Soon
The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns
Silk Typhoon Shifts Tactics to Exploit Common IT Solutions
Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data
Nonprofits Face Surge in Cyber-Attacks as Email Threats Rise 35%
Nonprofits are facing a surge in cyber-attacks as email threats rise 35%, targeting donor data and transactions
Google Introduces New AI-Powered Scam Detection Features for Android
With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection
Stress and Burnout Impacting Vast Majority of IT Pros
ISACA identified factors such as heavy workload and long hours as the primary causes of stress, while there has been high turnover of IT professionals in the past two years
Over Half of Organizations Report Serious OT Security Incidents
New SANS Institute research finds that 50% of global organizations were hit by an OT security incident in the past year
Would-be Extortionists Send “BianLian” Ransom Notes in the Mail
GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail
