Infosecurity News

  1. Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

    Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation

  2. CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

    The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog

  3. Boards Urged to Follow New Cyber Code of Practice

    The British government has launched a new code of practice designed to boost corporate cyber governance

  4. Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

    Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor

  5. Smishing Triad Fuels Surge in Toll Payment Scams in US, UK

    A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad

  6. Darknet’s Xanthorox AI Offers Customizable Tools for Hackers

    Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums

  7. Vodafone Urges UK Cybersecurity Policy Reforms as SME Cyber-Attack Costs Reach £3.4bn

    Vodafone Business has urged the UK government to implement policy changes, including improvements to the Cyber Essentials scheme and tax incentives for cybersecurity

  8. Government Backs Britain’s First Cyber Seed Fund, Worth £50m

    Osney Capital’s new fund is the first to focus exclusively on early-stage UK cybersecurity

  9. Aussie Pension Savers Hit with Wave of Credential Stuffing Attacks

    Cyber-attacks on Australian superannuation funds leave some savers out of pocket

  10. Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

    A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities

  11. Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

    The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks

  12. Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

    Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution

  13. Major Online Platform for Child Exploitation Dismantled

    An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users

  14. CrushFTP Vulnerability Exploited Following Disclosure Issues

    A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process

  15. Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

    The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware

  16. Sensitive Data Breached in Highline Schools Ransomware Incident

    Highline Public Schools revealed that sensitive personal, financial and medical data was accessed by ransomware attackers during the September 2024 incident

  17. Over Half of Attacks on Electricity and Water Firms Are Destructive

    Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year

  18. Nearly 600 Phishing Domains Emerge Following Bybit Heist

    BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors

  19. Stripe API Skimming Campaign Unveils New Techniques for Theft

    A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages

  20. Royal Mail Investigates Data Breach Affecting Supplier

    A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users

What’s hot on Infosecurity Magazine?