Infosecurity News
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
Mounting GenAI Cyber Risks Spur Investment in AI Security
Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises
Half of Consumers Targeted by Social Media Fraud Ads
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media
New 23andMe Buyer Regeneron Promises to Prioritize Security
Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority
New Malware on PyPI Poses Threat to Open-Source Developers
Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor
RCE Vulnerability Found in RomethemeKit For Elementor Plugin
RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites
GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn
Civil society groups and academics are calling for the EU's GDPR to remain unchanged following the EU Commission's plans to revisit it
SEC SIM Swapper Gets 14 Months for X Account Hijack
An Alabama man has been sentenced to 14 months for hacking the SEC’s X account
Legal Aid Agency Admits Major Breach of Applicant Data
The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency
#Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud Threats
Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques
US Officials Impersonated Via SMS and Voice Deepfakes
The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials
UK Cyber Vacancies Growing 12% Per Year
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page
Healthcare Cyber-Attacks Intensify, Sector Now Prime Target
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024
Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m
PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004
Dior Confirms Data Breach Affecting Customer Information
Dior confirmed a data breach compromising customer personal information, discovered on May 7
New Linux Vulnerabilities Surge 967% in a Year
Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category
"Endemic" Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity
The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare