Infosecurity News
ISACA Addresses Experience Gap with CISA Associate Designation
The new CISA Associate designation recognizes ISACA members who have passed the CISA exam, but do not yet have the required experience
British Man Sentenced for Network Rail Wi-Fi Hack
The man was handed a suspended prison sentence for offenses relating to the hack of Network Rail public Wi-Fi, exposing customers to offensive messaging
Indian Cyber Espionage Group Targets Italian Government
DoNot APT, also known as APT-C-35, traditionally operates exclusively in South Asia
Over Half of “Finfluencer” Victims Have Lost Money, Says TSB
British bank TSB warns of rise of “finfluencers” who dispense dubious financial advice online
MPs Warn of “Significant” Iranian Cyber-Threat to UK
The Intelligence and Security Committee has warned of Iran’s “aggressive” and “extensive” cyber capabilities
LLMs Fall Short in Vulnerability Discovery and Exploitation
Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes
TikTok's Handling of EU User Data in China Comes Under Scrutiny Again
A new probe, opened two months after a €530m fine to TikTok, will investigate the tech giant’s storage of EU users’ data in China
Four Arrested in Connection with April UK Retail Attacks
The NCA has arrested four individuals on suspicion of involvement in the attacks on M&S, Co-op and Harrods
Nippon Steel IT Subsidiary Hit by "Zero-Day Attack," Causing Data Breach
Personal data of Nippon Steel Solutions’ customers, partners and employees may be compromised
Tribunal Ruling Brings ICO’s £12.7m TikTok Fine Closer
The UK ICO has welcomed a ruling in its favor in a long-running battle to issue a fine to TikTok
Qantas Confirms 5.7 Million Customers Hit by Data Breach
Qantas says nearly six million passengers were impacted by a recent data breach
Ransomware Attack Stops Nova Scotia Power Meter Readings
Nova Scotia Power revealed that a ransomware attack has prevented meters from sending energy usage data to its systems, impacting billing
Microsoft Patch Tuesday: One Zero-Day and A Potential 'Wormable' Flaw
CVE-2025-47981 has the “unfortunate hallmarks of becoming a significant problem,” said WatchTowr’s CEO
Chinese State-Sponsored Hacker Charged Over COVID-19 Research Theft
The US allege that the hacker stole critical COVID-19 research from universities at the behest of the Chinese government
MacOS Infostealer AMOS Evolves with Backdoor for Persistent Access
The addition of a backdoor to the Atomic macOS Stealer marks a pivotal shift in one of the most active macOS threats, said Moonlock
M&S Chair Details Ransomware Attack, Declines to Confirm if Payment Was Made
M&S chairman Archie Norman provided more insights into the April ransomware attack, but did not confirm whether a payment was made to the attackers
Researchers Reveal 18 Malicious Chrome and Edge Extensions Disguised as Everyday Tools
Researchers from Koi Security have detected 18 malicious Chrome and Edge extensions masquerading as benign productivity and entertainment tools
Over 500 Scattered Spider Phishing Domains Poised to Target Multiple Industries
Check Point discovered around 500 suspected Scattered Spider phishing domains, suggesting the group is preparing to expand its targeting
Malicious Open Source Packages Surge 188% Annually
Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, representing a 188% annual increase
Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries
The company behind AV/EDR evasion tool Shellter has confirmed the product is being used by threat actors
