Infosecurity News

  1. Nezha Tool Used in New Cyber Campaign Targeting Web Applications

    A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT

  2. Digital Fraud Costs Companies Worldwide 7.7% of Annual Revenue

    According to TransUnion, digital fraud has cost companies $534bn in losses globally with US business hit hardest

  3. Cyber-Attack Contributes to Huge Sales Drop at JLR

    Jaguar Land Rover has reported a 25% drop in volume sales in the three months up to September 30, largely due to the impact of the ongoing cyber incident

  4. Bybit Theft Drives Record-Breaking $2bn Haul for North Korea

    North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic

  5. Met Police Arrest Two Teens in Connection with Kido Attack

    Two 17-year-olds have been arrested following a cyber-attack on the Kido nursery group

  6. Qilin Ransomware Gang Claims Asahi Cyber-Attack

    The Qilin group claims to have stolen sensitive personal and proprietary data from the Brewer

  7. Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation

    A critical Redis flaw, dubbed “RediShell,” has exposed 60,000 unprotected servers to exploitation

  8. Qilin Claims Ransomware Attack on Mecklenburg Schools

    The Qilin ransomware gang has claimed attacks at Mecklenburg County Public Schools, stealing financial records and childrens’ medical files

  9. Discord Reveals Data Breach Following Third-Party Compromise

    Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom

  10. NCSC: Patch Critical Oracle EBS Bug Now

    A critical Oracle E-Business Suite vulnerability is being actively exploited by the Clop ransomware group

  11. Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign

    A critical GoAnywhere vulnerability is being exploited by the Medusa ransomware group, says Microsoft

  12. Europol Calls for Stronger Data Laws to Combat Cybercrime

    Europol’s Cybercrime Conference has warned that cybercriminals are exploiting new technologies faster than law enforcement can adapt

  13. Ransomware Group “Trinity of Chaos” Launches Data Leak Site

    A new TOR data leak site published by the Trinity of Chaos ransomware group unveils 39 firms’ data and threatens Salesforce litigation

  14. Scanning of Palo Alto Portals Surges 500%

    Experts warn that threat actors may be gearing up for compromise after large uptick in scans of Palo Alto Network portals

  15. Asahi Confirms Ransomware Attack, Data Stolen from Servers

    Asahi confirmed it has fallen victim to a ransomware attack, and revealed it has started manual order processing amid ongoing operational disruption

  16. Renault Informs Customers of Supply Chain Data Breach

    Renault and Dacia have become the latest big-name brands to suffer a supply chain breach

  17. Chinese-Speaking Cybercrime Group Hijacks IIS Servers for SEO Fraud

    Cisco Talos has identified a Chinese-speaking cybercrime group that targets high-value Internet Information Services (IIS) for SEO fraud

  18. Hackers Target Unpatched Flaws in Oracle E-Business Suite

    Patches for the targeted vulnerabilities were released in Oracle’s July 2025 security update

  19. WestJet Data Breach Impacts 1.2 Million Customers

    WestJet revealed that customer personal details and membership data were stolen in the June 2025 attack

  20. US Government Shutdown to Slash Federal Cybersecurity Staff

    The US government shutdown is estimated to result in around 65% of CISA staff being furloughed, with fears that threat actors will exploit critical security gaps

What’s Hot on Infosecurity Magazine?