Infosecurity News
US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats
Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action
Russian Group Launches LOSTKEYS Malware in Attacks
New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks
LockBit Ransomware Hacked, Insider Secrets Exposed
The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions
Just 5% of Enterprises Have Deployed Quantum-Safe Encryption
DigiCert survey finds only 5% of global businesses are using post-quantum cryptography
UK Cyber Essentials Certification Numbers Falling Short
The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year
UK Launches New Cybersecurity Assessment Initiatives to Drive Secure by Design
The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK
Confusion Reigns as Threat Actors Exploit Samsung MagicInfo Flaw
Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch
#Infosec2025: Combating Deepfake Threats at the Age of AI Agents
Organizations can start defending against deepfakes now, before efficient detectors are available
Hacker Finds New Technique to Bypass SentinelOne EDR Solution
Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware
Inferno Drainer Returns, Stealing Millions from Crypto Wallets
Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord
"Nationally Significant" Cyber-Attacks Have Doubled, UK’s NCSC Reports
NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025
DDoS-for-Hire Network Dismantled in International Operation
A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown
Passkeys Set to Protect GOV.UK Accounts Against Cyber-Attacks
The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025
NSO Group Hit with $168m Fine for WhatsApp Pegasus Spyware Abuse
The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages
UK Government Warns Retail Attacks Must Serve as a “Wake-up Call”
UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity
UK Cyber Insurance Claims Second Highest on Record
Marsh says ransomware drove cyber insurance claims to second highest on record in 2024
Talent Shortages Bite as 80% of UK Firms Hit with AI Threats
Half of UK firms have over 10 cyber positions unfilled, according to Cisco
Texas School District Notifies Over 47,000 People of Major Data Breach
The Alvin Independent School District in Texas has notified over 47,000 individuals affected by a data breach exposing sensitive personal information
Smishing Triad Upgrades Tools and Tactics for Global Attacks
Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques
Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers