Infosecurity News
FishMonger APT Group Linked to I-SOON in Espionage Campaigns
The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns
Rooted Devices 250 Times More Vulnerable to Compromise
Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned
UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate
Bridewell has released its annual report on critical infrastructure security leaders’ perceived cybersecurity maturity and threats
UK Police Arrest 422 in Major Fraud Crackdown
February’s Operation Henhouse resulted in hundreds of arrests and the seizure of £7.5m
Over Half a Million Hit by Pennsylvania Schools Union Breach
The Pennsylvania State Education Association (PSEA) has sent breach notifications to over 500,000 current and former members
NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration
New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035
Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups
Newly discovered vulnerability ZDI-CAN-25373 takes advantage of Windows shortcuts has been exploited by 11 state-sponsored groups since 2017
752,000 Browser Phishing Attacks Mark 140% Increase YoY
A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security
Brian Cox to Discuss Quantum Computing's Impact at Infosecurity Europe 2025
World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings
Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge
Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025
Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns
The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog
Gartner Warns Agentic AI Will Accelerate Account Takeovers
Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts
Europol Warns of “Shadow Alliance” Between States and Criminals
Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies
Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers
A Cato Networks researcher discovered a new LLM jailbreaking technique enabling the creation of password-stealing malware
New Report Highlights Common Passwords in RDP Attacks
Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw
BlackBasta Ransomware Ties to Russian Authorities Uncovered
Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix
Google Buys Wiz in $32bn Cloud Security Push
Google is set to acquire Wiz, a cloud security platform founded in 2020, for $32bn in an all-cash deal
Over 16.8 Billion Records Exposed as Data Breaches Increase 6%
Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits
Large-Scale Malicious App Campaign Bypassing Android Security
Bitdefender said the malicious app campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store
Third of UK Supply Chain Relies on “Chinese Military” Companies
Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains
