Infosecurity News

  1. Pair of Suspected Scattered Spider Hackers Charged by UK, US Authorities

    One of the teenage suspects is accused of involvement in at least 120 attacks, resulting in $115m in ransom payments

  2. New York Blood Center Alerts 194,000 People to Data Breach

    A breach at the New York Blood Center resulted in theft of data for 194,000 people, including SSNs, IDs, bank and health information

  3. 1 in 3 Android Apps Leak Sensitive Data

    One third of Android and over half iOS apps shown to be leaking insecure APIs and hardcoded secrets

  4. SonicWall Discloses Compromise of Cloud Backup Service

    SonicWall said that threat actors accessed firewall preference files stored in the cloud for around 5% of its firewall install base

  5. VC Firm Insight Partners Notifies Victims After Ransomware Breach

    Insight Partners has released more details of a 2024 ransomware breach impacting thousands of individuals

  6. NCA Singles Out “The Com” as it Chairs Five Eyes Group

    The UK’s National Crime Agency is the new chair of the Five Eyes Law Enforcement Group

  7. FileFix Campaign Using Steganography and Multistage Payloads

    FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing

  8. Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

    A trio of critical vulnerabilities in the Chaos-Mesh platform allow in-cluster attackers to run arbitrary code, even in default configuration

  9. TaskUs Employees Behind Coinbase Breach, US Court Filing Alleges

    An employee of outsourcing firm TaskUs allegedly sold data stolen during the Coinbase data breach to hackers for $200 per record before her arrest in January 2025

  10. Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites

    Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide

  11. A Quarter of UK and US Firms Suffer Data Poisoning Attacks

    New IO research reveals a surge in AI attacks attempting to corrupt underlying training data

  12. Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets

    A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned

  13. Fifteen Ransomware Gangs “Retire,” Future Unclear

    Fifteen ransomware groups have claimed shutdown on BreachForums; experts warn of rebrands and copycats

  14. Gucci and Alexander McQueen Hit by Customer Data Breach

    The attack, which is linked to ShinyHunters, has reportedly compromised data relating to 7.4 million unique email addresses

  15. Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

    AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat

  16. UK: Tax Refund-Themed Phishing Slows in 2025

    Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025

  17. JLR Extends Production Halt After Cyber-Attack

    Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24

  18. API Threats Surge to 40,000 Incidents in 1H 2025

    Thales claims there were over 40,000 API incidents in the first half of 2025

  19. FinWise Bank Warns of Insider Data Breach

    An insider data breach at FinWise may have impacted 689,000 customers

  20. HybridPetya Mimics NotPetya, Adds UEFI Compromise

    HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass

Why not watch?

  1. From Chaos to Confidence: Establishing Trust in Every Cloud Interaction

  2. Mastering Identity and Access for Non-Human Cloud Entities

  3. The Invisible Frontline: Proactive Approaches to Browser Defense

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s hot on Infosecurity Magazine?