Infosecurity News
US Officials Impersonated Via SMS and Voice Deepfakes
The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials
UK Cyber Vacancies Growing 12% Per Year
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions
Russian Espionage Operation Targets Organizations Linked to Ukraine War
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page
Healthcare Cyber-Attacks Intensify, Sector Now Prime Target
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024
Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m
PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack
A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004
Dior Confirms Data Breach Affecting Customer Information
Dior confirmed a data breach compromising customer personal information, discovered on May 7
New Linux Vulnerabilities Surge 967% in a Year
Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category
"Endemic" Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity
The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare
Fraud Losses Hit $11m Per Company as Customer Abuse Soars
Most online merchants now believe customers pose as big a threat as professional fraudsters
#Infosec2025: Ransomware Enters ‘Post-Trust Ecosystem,’ NCA Cyber Expert Says
The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA
Android Enterprise Launches Device Trust For Enhanced Security
Android Enterprise introduced Device Trust to enhance mobile security on Android devices
CISA Reverses Decision on Cybersecurity Advisory Changes
CISA paused plans to overhaul its advisory system after backlash from the infosec community
New Fortinet and Ivanti Zero Days Exploited in the Wild
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical
New 'Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods
European Police Bust €3m Investment Fraud Ring
Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang
Microsoft Fixes Seven Zero-Days in May Patch Tuesday
Microsoft has patched seven zero-day bugs, five of which were exploited in the wild
Turkey-Aligned Hackers Targeted Iraq-Based Kurds with Zero-Day Exploit
Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft
DPRK-Backed TA406 Targets Ukraine With Malware Campaigns
Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities
