Category: www.infosecurity-magazine.com

Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company This article has been indexed from www.infosecurity-magazine.com Read the original article: Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Read more →

MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs This article has been indexed from www.infosecurity-magazine.com Read the original article: Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

Read more →

The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Playbook Embeds Cyber Essentials in Supply Chains

Read more →

The Coupang South Korean unit’s response will be spearheaded by an executive based in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korean Police Raid Coupang Over Data Breach as CEO Resigns

Read more →

The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Fines LastPass £1.2m After 2022 Breach

Read more →

The National Cyber Security Centre has released new learnings from a cyber deception pilot This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Plugs Gap in Cyber-Deception Guidance

Read more →

OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

Read more →

A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders This article has been indexed from www.infosecurity-magazine.com Read the original article: Malware Discovered in 19 Visual Studio Code Extensions

Read more →

New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: “Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After…

Read more →

Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Releases Critical Chrome Security Update to Address Three…

Read more →

Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction This article has been indexed from www.infosecurity-magazine.com Read the original article: Scam-Busting FCA Firm Checker Tool…

Read more →

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

Read more →

Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Russia Hackers Target US Critical Infrastructure in New Wave

Read more →

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Fixes Zero Click Gemini Enterprise Flaw That Exposed…

Read more →

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug This article has been indexed from www.infosecurity-magazine.com Read the original article: Log4Shell Downloaded 40 Million Times in 2025

Read more →

December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

Read more →

Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement This article has been indexed from www.infosecurity-magazine.com Read the original article: React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Read more →

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious VS Code Extensions Deploy Advanced Infostealer

Read more →

Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: DeadLock Ransomware Uses BYOVD to Evade Security Measures

Read more →

The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection This article has been indexed from www.infosecurity-magazine.com Read the original article: UK NCSC Raises Alarms Over Prompt Injection Attacks

Read more →