Infosecurity News

  1. Israeli Hacktivists Steal and Burn $90m+ from Iranian Crypo Biz

    Pro-Israel Predatory Sparrow Group steals $90m in crypto from Iranian exchange Nobitex

  2. Critical Linux Flaws Discovered Allowing Root Access Exploits

    Two critical Linux flaws allow unprivileged users to gain root access, affecting major distributions

  3. AI Now Generates Majority of Spam and Malicious Emails

    Barracuda observed a big spike in spam emails generated using AI tools, making up the majority detected in April 2025

  4. GodFather Malware Upgraded to Hijack Legitimate Mobile Apps

    Upgraded GodFather banking malware now uses on-device virtualization to hijack apps, enabling real-time fraud

  5. ClickFix Helps Infostealers Use MHSTA for Defense Evasion

    ClickFix techniques are enabling threat actors to bypass defenses using tools like MSHTA, says ReliaQuest

  6. UK Government Publishes Plan to Boost Cyber Sector Growth

    The new Cyber Growth Action Plan aims to support the UK’s cyber industry, including the development of innovative new technologies and startups

  7. Ransomware Group Qilin Offers Legal Counsel to Affiliates

    The group positions itself “not just as a ransomware group, but as a full-service cybercrime platform”, according to Cybereason

  8. Paddle Pays $5m to Settle Tech Support Scam Allegations

    Payment processor Paddle has agreed to settle with the FTC over allegations related to tech support scams

  9. Hacklink Marketplace Fuels Surge in Covert SEO Poisoning Attacks

    New SEO poisoning attacks identified, using Hacklink to hijack search rankings and inject malicious links into sites

  10. UK ICO Fines 23andMe £2.3m for Data Protection Failings

    23andMe has been fined over £2m by the UK ICO for failing to adequately protect genetic data

  11. Taiwan Hit by Sophisticated Phishing Campaign

    Phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands

  12. Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution

    WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal

  13. Microsoft Promises to Keep European Cloud Data in Europe

    Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe

  14. Brits Lose £106m to Romance Fraud in a Year

    New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024

  15. Threat Actors Target Victims with HijackLoader and DeerStealer

    Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix

  16. Archetyp Market Shut Down in Europe-wide Law Enforcement Operation

    Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace

  17. Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus

    Nessus users should update patches as soon as possible

  18. Anubis Ransomware Adds File-Wiping Capability

    Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands

  19. Over a Third of Grafana Instances Exposed to XSS Flaw

    Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk

  20. WestJet Investigates Cyber-Attack Impacting Customers

    Canadian airline WestJet is investigating a cyber-attack that struck on June 13

Why Not Watch?

  1. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

What’s Hot on Infosecurity Magazine?