Infosecurity News

  1. Malicious Ads Target Freelance Developers via GitHub

    Fake job ads target freelance developers, spreading malware via GitHub

  2. West Coast Cybersecurity Salaries Outshine Rest of Country

    A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America

  3. Mobile Phishing Attacks Surge with 16% of Incidents in US

    Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report

  4. Over 330 Million Credentials Compromised by Infostealers

    Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024

  5. Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

    Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances

  6. CISA and FBI Warn of Global Threat from Ghost Ransomware

    CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware

  7. WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack

    A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers

  8. Finastra Notifies Customers of Data Breach

    Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information

  9. Australian IVF Clinic Suffers Data Breach Following Cyber Incident

    Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party

  10. Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns

    The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead

  11. Cyber Investor Insight Partners Suffers Security Breach

    Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack

  12. Russian State Hackers Target Signal to Spy on Ukrainians

    Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine

  13. Hundreds of US Military and Defense Credentials Compromised

    Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials

  14. OpenSSH Flaws Expose Systems to Critical Attacks

    Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks

  15. Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions

    Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications

  16. Evolving Snake Keylogger Variant Targets Windows Users

    A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users

  17. BlackLock On Track to Be 2025’s Most Prolific Ransomware Group

    The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group

  18. Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

    Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727

  19. Zacks Investment Research Breach Hits 12 Million

    A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts

  20. Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports

    Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks

What’s hot on Infosecurity Magazine?