Infosecurity News

  1. Flaw in Google Cloud Functions Sparks Broader Security Concerns

    Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns

  2. US Teen to Plead Guilty in PowerSchool Extortion Campaign

    The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco

  3. Two-Fifths of Americans Want to Ban Biometric Use

    ITRC report finds that 39% of American consumers believe biometric use should be banned

  4. M&S Braces for £300 Million Cyber-Attack Costs

    An M&S trading update estimates the ongoing cyber-incident will cost £300m, largely from lost sales due to the suspension of online orders

  5. NCSC Helps Firms Securely Dispose of Old IT Assets

    A new NCSC guide offers useful information on how to safely and securely dispose of end-of-life assets

  6. Uncensored AI Tool Raises Cybersecurity Alarms

    The Venice.ai chatbot gained traction in hacking forums for its uncensored access to advanced models

  7. Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients

    A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients

  8. Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers

    Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities

  9. Mounting GenAI Cyber Risks Spur Investment in AI Security

    Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises

  10. Half of Consumers Targeted by Social Media Fraud Ads

    Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media

  11. New 23andMe Buyer Regeneron Promises to Prioritize Security

    Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority

  12. New Malware on PyPI Poses Threat to Open-Source Developers

    Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor

  13. RCE Vulnerability Found in RomethemeKit For Elementor Plugin

    RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites

  14. GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn

    Civil society groups and academics are calling for the EU's GDPR to remain unchanged following the EU Commission's plans to revisit it

  15. SEC SIM Swapper Gets 14 Months for X Account Hijack

    An Alabama man has been sentenced to 14 months for hacking the SEC’s X account

  16. Legal Aid Agency Admits Major Breach of Applicant Data

    The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency

  17. #Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud Threats

    Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques

  18. US Officials Impersonated Via SMS and Voice Deepfakes

    The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials

  19. UK Cyber Vacancies Growing 12% Per Year

    An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions

  20. Russian Espionage Operation Targets Organizations Linked to Ukraine War

    In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim's webmail page

What’s hot on Infosecurity Magazine?