Infosecurity News

  1. Columbus Ransomware Attack Exposes Data of 500,000 Residents

    The City of Columbus, Ohio, informed the Maine Attorney General’s Office that approximately 55% of its residents were affected by the breach

  2. Cybercriminals Exploit DocuSign APIs to Send Fake Invoices

    Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking well-known brands

  3. Nigerian Handed 26-Year Sentence for Real Estate Phishing Scam

    A US district court sentenced a Nigerian man for an elaborate ‘man-in-the-middle’ phishing campaign, which resulted in $12m in losses from real-estate transactions

  4. Google Researchers Claim First Vulnerability Found Using AI

    The flaw, an exploitable stack buffer underflow in SQLite, was found by Google’s Big Sleep team using a large language model (LLM)

  5. US Says Russia Behind Fake Haitian Voters Video

    US government agencies said the video, widely shared on social media, is part of Russia’s broader strategy of undermining the integrity of the Presidential Election

  6. Supply Chain Attack Uses Smart Contracts for C2 Ops

    Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) operations

  7. UK Council Sites Recover Following Russian DDoS Blitz

    Several UK council websites are back online after being disrupted by Russian hacktivist DDoS attacks

  8. Sophos Warns Chinese Hackers Are Becoming Stealthier

    Sophos provided details of changing tactics by Chinese APT groups over a five-year period, involving a shift towards stealthy, targeted attacks

  9. CISA Warns of Critical Software Vulnerabilities in Industrial Devices

    Multiple vulnerabilities in Rockwell Automation and Mitsubishi products could allow ICS cyber-attacks

  10. US and Israel Warn of Iranian Threat Actor’s New Tradecraft

    US and Israeli government agencies have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to expand its operations

  11. New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot

    New phishing kit Xiu Gou, featuring a unique “doggo” mascot, targets users in US, UK, Spain, Australia and Japan with 2000+ scam websites

  12. Misconfigured Git Configurations Targeted in Emeraldwhale Attack

    Emeraldwhale breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials

  13. Canadian Government Data Stolen By Chinese Hackers

    A report by the Canadian Centre for Cyber Security described China as the most sophisticated cyber threat to Canada, also identified India as an emerging threat

  14. North Korean Hackers Collaborate with Play Ransomware

    Palo Alto Networks’ Unit 42 has observed the first-ever collaboration between North Korean-backed Jumpy Pisces and Play ransomware

  15. Government Sector Suffers 236% Surge in Malware Attacks

    Malware-related attacks against global government organizations increased 236% year-on-year in Q1 2024, according to SonicWall

  16. Over 80% of US Small Businesses Have Been Breached

    ITRC data finds 81% of US small businesses have suffered a data or security breach over the past year

  17. LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

    The LiteSpeed Cache vulnerability allows administrator-level access, risking security for over 6 million WordPress sites

  18. Updated FakeCall Malware Targets Mobile Devices with Vishing

    The new FakeCall variant uses advanced vishing tactics, featuring Bluetooth for device monitoring

  19. Apple Rolls Out Major Security Update to Patch macOS and iOS Vulnerabilities

    In a major security update, Apple has fixed dozens of bugs and vulnerabilities across its operating systems and services

  20. CISA Launches First International Cybersecurity Plan

    CISA’s 2025-2026 International Strategic Plan aims to strengthen external partnerships to reduce risks to critical infrastructure relied on in the US

What’s hot on Infosecurity Magazine?