Infosecurity News
NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration
New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035
Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups
Newly discovered vulnerability ZDI-CAN-25373 takes advantage of Windows shortcuts has been exploited by 11 state-sponsored groups since 2017
752,000 Browser Phishing Attacks Mark 140% Increase YoY
A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security
Brian Cox to Discuss Quantum Computing's Impact at Infosecurity Europe 2025
World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings
Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns
The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog
Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge
Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025
Gartner Warns Agentic AI Will Accelerate Account Takeovers
Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts
Europol Warns of “Shadow Alliance” Between States and Criminals
Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies
Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers
A Cato Networks researcher discovered a new LLM jailbreaking technique enabling the creation of password-stealing malware
New Report Highlights Common Passwords in RDP Attacks
Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw
BlackBasta Ransomware Ties to Russian Authorities Uncovered
Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix
Google Buys Wiz in $32bn Cloud Security Push
Google is set to acquire Wiz, a cloud security platform founded in 2020, for $32bn in an all-cash deal
Over 16.8 Billion Records Exposed as Data Breaches Increase 6%
Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits
Large-Scale Malicious App Campaign Bypassing Android Security
Bitdefender said the malicious app campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store
Third of UK Supply Chain Relies on “Chinese Military” Companies
Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains
Cloudflare Introduces E2E Post-Quantum Cryptography Protections
Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats
UK's Online Safety Act: Ofcom Can Now Issue Sanctions
From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child abuse material
Researchers Confirm BlackLock as Eldorado Rebrand
DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the notorious threat actor
US Legislators Demand Transparency in Apple's UK Backdoor Court Fight
A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public
£1M Lost as UK Social Media and Email Account Hacks Skyrocket
Action Fraud reported a spike in social media and email account hacks in 2024, resulting in losses of nearly £1m
