Infosecurity News

  1. PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack

    A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory

  2. SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

    The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004

  3. Dior Confirms Data Breach Affecting Customer Information

    Dior confirmed a data breach compromising customer personal information, discovered on May 7

  4. New Linux Vulnerabilities Surge 967% in a Year

    Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category

  5. "Endemic" Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity

    The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare

  6. Fraud Losses Hit $11m Per Company as Customer Abuse Soars

    Most online merchants now believe customers pose as big a threat as professional fraudsters

  7. #Infosec2025: Ransomware Enters ‘Post-Trust Ecosystem,’ NCA Cyber Expert Says

    The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA

  8. Android Enterprise Launches Device Trust For Enhanced Security

    Android Enterprise introduced Device Trust to enhance mobile security on Android devices

  9. CISA Reverses Decision on Cybersecurity Advisory Changes

    CISA paused plans to overhaul its advisory system after backlash from the infosec community

  10. New Fortinet and Ivanti Zero Days Exploited in the Wild

    Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical

  11. New 'Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions

    While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods

  12. European Police Bust €3m Investment Fraud Ring

    Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang

  13. Microsoft Fixes Seven Zero-Days in May Patch Tuesday

    Microsoft has patched seven zero-day bugs, five of which were exploited in the wild

  14. Turkey-Aligned Hackers Targeted Iraq-Based Kurds with Zero-Day Exploit

    Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft

  15. DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

    Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities

  16. CISA Shifts Alert Distribution Strategy to Email, Social Media

    CISA won't post standard cybersecurity updates on its website, shifting to email and social media

  17. European Vulnerability Database Launches Amid US CVE Chaos

    ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive

  18. M&S Confirms Customer Data Stolen in Cyber-Attack

    M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors

  19. UK Considers New Enterprise IoT Security Law

    The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security

  20. Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

    Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage

Why not watch?

  1. How to Implement Attack Surface Management in the AI and Cloud Age

  2. Reimagining the SOC: From Reactive to Resilient

  3. How to Tackle Rising Cloud Identity Attacks

  4. Closing the Browser Security Gap: Defending Against Modern Web-Based Threats

What’s hot on Infosecurity Magazine?