Category: www.infosecurity-magazine.com

SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos This article has been indexed from www.infosecurity-magazine.com Read the original article: SEO Poisoning Targets Chinese Users with Fake Software Sites

Read more →

HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass This article has been indexed from www.infosecurity-magazine.com Read the original article: HybridPetya Mimics NotPetya, Adds UEFI Compromise

Read more →

Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Forged Military IDs Used in North Korean Phishing…

Read more →

US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA at Risk After OIG Accuses it of Wasting Federal Funds

Read more →

Threat actors are using multiple lures to trick users into installing RMM tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaigns Drop RMM Tools for Remote Access

Read more →

HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Adopting Novel LOTL Techniques to Evade Detection

Read more →

Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency This article has been indexed from www.infosecurity-magazine.com Read the original article: France Warns Apple Users of New Spyware Campaign

Read more →

ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime” This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Warns of Student-Led Data Breaches in UK Schools

Read more →

The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Launches Roadmap for the CVE Program

Read more →

A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory This article has been indexed from www.infosecurity-magazine.com Read the original article: Fileless Malware Deploys Advanced RAT via Legitimate Tools

Read more →

Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Wyden Urges FTC Investigation Over Ascension…

Read more →

Bitdefender said the sophisticated multi-stage operation allowed attackers to maintain persistent access and steal sensitive data from a Philippines military company This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese APT Actor Compromises Military Firm with Novel…

Read more →

Compromised data includes personal data such as patients’ full names, ages, phone numbers and email addresses This article has been indexed from www.infosecurity-magazine.com Read the original article: France: Three Regional Healthcare Agencies Targeted by Cyber-Attacks

Read more →

US offers $11m as LockerGoga ransomware suspect becomes one of Europe’s most wanted men This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted

Read more →

Government-run train operator LNER has revealed details of a supplier data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: LNER Reveals Supply Chain Attack Compromised Customer Information

Read more →

A ransomware attack by KillSec on Brazil software provider MedicSolution threatens healthcare, impacting providers and patients This article has been indexed from www.infosecurity-magazine.com Read the original article: KillSec Ransomware Hits Brazilian Healthcare IT Vendor

Read more →

A flaw in the Cursor extension allows unauthorized code execution when opening repositories in Visual Studio This article has been indexed from www.infosecurity-magazine.com Read the original article: Cursor Autorun Flaw Lets Repositories Execute Code Without Consent

Read more →

The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento

Read more →

Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Payments Plummet in Education Amid Enhanced…

Read more →

Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release This article has been indexed from www.infosecurity-magazine.com Read the original article: Two Zero-Days Among Patch Tuesday CVEs This Month

Read more →

Wiz Security warns that a recently discovered supply chain attack campaign targeting npm is far from over This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious npm Code Reached 10% of Cloud Environments

Read more →

A threat actor accidentally revealed their AI-powered methods by installing Huntress security software This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Accidentally Exposes AI-Powered Operations

Read more →

Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Salty2FA Phishing Kit Unveils New Level of Sophistication

Read more →

ReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months This article has been indexed from www.infosecurity-magazine.com Read the original article: Axios User Agent Helps Automate Phishing on “Unprecedented Scale”

Read more →

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community This article has been indexed from www.infosecurity-magazine.com Read the original article: Open Source Community Thwarts Massive…

Read more →

A House select committee said Chinese actors impersonated Representative John Moolenaar to steal information that could be used to influence trade talks This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Cyber Espionage Campaign Impersonates US Congressman

Read more →

Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account This article has been indexed from www.infosecurity-magazine.com Read the original article: Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign

Read more →

Wealthsimple confirmed a third-party vendor data breach affecting roughly 30,000 customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Wealthsimple Confirms Data Breach After Supply Chain Attack

Read more →

Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: MostereRAT Targets Windows Users With Stealth Tactics

Read more →

Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics deployed by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Remote Access Abuse Biggest Pre-Ransomware Indicator

Read more →

Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Qualys, Tenable Latest Victims of Salesloft Drift Hack

Read more →

Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users This article has been indexed from www.infosecurity-magazine.com Read the original article: GhostAction Supply Chain Attack Compromises 3000+ Secrets

Read more →

Critical SAP S/4HANA vulnerability CVE-2025-42957 is being exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP S/4HANA Users Urged to Patch Critical Exploited Bug

Read more →

Bridgestone Americas confirmed the incident but has not detailed the scope of the attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Bridgestone Confirms “Limited Cyber Incident” Impacting Facilities in North America

Read more →

An investigation has revealed that files were stolen in a data breach affecting a South Carolina school district This article has been indexed from www.infosecurity-magazine.com Read the original article: South Carolina School District Data Breach Affects 31,000 People

Read more →

Trend Micro observed the attackers using terminal-based installation methods for the AMOS malware, luring macOS users into installing cracked versions of apps This article has been indexed from www.infosecurity-magazine.com Read the original article: macOS Stealer Campaign Uses “Cracked” App Lures…

Read more →

The joint guidance is a welcome first step towards a common, global adoption of SBOMs, experts argued This article has been indexed from www.infosecurity-magazine.com Read the original article: US and 14 Allies Release Joint Guidance on Software Bill of Materials

Read more →

The OPSWAT report found that insider breaches cost impacted firms $2.7m on average due to factors such as regulatory fines and diminished productivity This article has been indexed from www.infosecurity-magazine.com Read the original article: 61% of US Companies Hit by…

Read more →

North Korean hackers have been observed exploiting cyber threat intelligence platforms in a campaign targeting job seekers with malware-laced lures This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Exploit Threat Intel Platforms For Phishing

Read more →

A newly identified hacking group named GhostRedirector has compromised 65 Windows servers using previously unknown tools This article has been indexed from www.infosecurity-magazine.com Read the original article: GhostRedirector Emerges as New China-Aligned Threat Actor

Read more →

Google Cloud’s Mandiant successfully disrupted an active ViewState deserialization attack affecting Sitecore deployments This article has been indexed from www.infosecurity-magazine.com Read the original article: CMS Provider Sitecore Patches Exploited Critical Zero Day

Read more →

JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand This article has been indexed from www.infosecurity-magazine.com Read the original article: Scattered Spider-Linked…

Read more →

A new Cobalt study finds healthcare organizations among the slowest at resolving serious vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Healthcare Sector Takes 58 Days to Resolve Serious Vulnerabilities

Read more →

Hackers are using legitimate red team tool Hexstrike-AI to simplify and speed up vulnerability exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Abuse Hexstrike-AI Tool to Accelerate Exploitation

Read more →

A malicious campaign using Ethereum smart contracts has been observed targeting developers via npm and GitHub This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious npm Packages Exploit Ethereum Smart Contracts

Read more →

The backdoor is a sophisticated VBA-based malware targeting Microsoft Outlook This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian APT28 Expands Arsenal with ‘NotDoor’ Outlook Backdoor

Read more →

A massive IPTV privacy network has been uncovered distributing unlicensed content from major brands including Apple TV, Disney+, HBO, Netflix and more This article has been indexed from www.infosecurity-magazine.com Read the original article: Major IPTV Piracy Network Uncovered Spanning 1100…

Read more →

Cloudflare has notified customers that hackers may have accessed their data as part of the Salesloft Drift campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloudflare and Palo Alto Networks Victimized in Salesloft Drift Breach

Read more →

Barracuda observed new methods to disguise phishing links in Tycoon phishing attacks, which are designed to bypass automated email security systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Tycoon Phishing Kit Utilizes New Capabilities to Hide…

Read more →

Evertec subsidiary Sinqia has posted details of an attempt to steal $130m from two B2B partners This article has been indexed from www.infosecurity-magazine.com Read the original article: Brazilian Fintech Giant Sinqia Reveals $130m Heist Attempt

Read more →

Evertec subsidiary Sinqia has posted details of an attempt to steal $130m from two B2B partners This article has been indexed from www.infosecurity-magazine.com Read the original article: Brazilian FinTech Giant Sinqia Reveals $130m Heist Attempt

Read more →

The US Immigration agency has resumed a $2m contract with the Graphite spyware developer, now owned by US investor AE Industrial Partners This article has been indexed from www.infosecurity-magazine.com Read the original article: ICE Reinstates Contract with Spyware Vendor Paragon

Read more →

A malicious npm package “nodejs-smtp” has been discovered impersonating nodemailer and injecting code to drain crypto wallets This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious npm Package Masquerades as Popular Email Library

Read more →

Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file This article has been indexed from www.infosecurity-magazine.com Read the original article: Azure AD Credentials Exposed in Public App Settings File

Read more →

Jaguar has proactively shut down systems to mitigate the impact of the incident, amid reports that workers at a UK manufacturing plant had been told to stay at home This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats This article has been indexed from www.infosecurity-magazine.com Read the original article: UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats

Read more →

Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data This article has been indexed from www.infosecurity-magazine.com Read the original article: Zscaler Customer Info Taken in Salesloft Breach

Read more →

Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor This article has been indexed from www.infosecurity-magazine.com Read the original article: Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor

Read more →

A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites This article has been indexed from www.infosecurity-magazine.com Read the original article: High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

Read more →

A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical SQLi Threat to WordPress Memberships Plugin Users

Read more →

Pennsylvania’s Attorney General confirmed the OAG had refused to pay a ransom demand to the attackers after files were encrypted This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack on Pennsylvania’s AG Office Disrupts Court Cases

Read more →

The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon This article has been indexed from www.infosecurity-magazine.com Read the original article: Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth

Read more →

Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Salesloft Attacks Target Google Workspace

Read more →

WhatsApp has fixed a zero-day vulnerability linked to a sophisticated cyber-attack This article has been indexed from www.infosecurity-magazine.com Read the original article: WhatsApp Patches Zero-Day, Zero-Click Flaw

Read more →

Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans

Read more →

A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Npm Package Hijacked to Steal Data and…

Read more →

Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: State-Sponsored Hackers Behind Majority of Vulnerability Exploits

Read more →

The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application This article has been indexed from www.infosecurity-magazine.com Read the original article: TransUnion Data Breach Impacts 4.5 Million US…

Read more →

Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake IT Support Attacks Hit Microsoft Teams

Read more →

Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Netherlands Confirms China’s Salt Typhoon Targeted Small Dutch Telcos

Read more →

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious VS Code Extensions Exploit Name Reuse Loophole

Read more →

Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation This article has been indexed from www.infosecurity-magazine.com Read the original article: Nevada Confirms Ransomware Attack, State Data Stolen

Read more →

The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns

Read more →

Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Companies Freeze $47m in Romance Baiting Funds

Read more →

Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure

Read more →

CISA has launched a new Software Acquisition Guide Web Tool to enhance security in software procurement This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Strengthens Software Procurement Security With New Tool

Read more →

While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Discover First Reported AI-Powered Ransomware

Read more →

The Office of the Governor of Nevada revealed that the incident has shut down in-person State services, while government phone lines and websites are offline This article has been indexed from www.infosecurity-magazine.com Read the original article: Nevada “Network Security Incident”…

Read more →

A series of cyber-attacks against government organizations in Central Asia and Asia- Pacific has been linked to the ShadowSilk threat cluster This article has been indexed from www.infosecurity-magazine.com Read the original article: ShadowSilk Campaign Targets Central Asian Governments

Read more →

Citrix customers are urged to patch their vulnerable NetScaler appliances, but “patching alone won’t cut it,” experts said This article has been indexed from www.infosecurity-magazine.com Read the original article: Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation

Read more →

EU security agency ENISA is being handed €36m to operate the EU Cybersecurity Reserve This article has been indexed from www.infosecurity-magazine.com Read the original article: ENISA to Coordinate €36m EU-Wide Incident Response Scheme

Read more →

Google is warning of a new credential theft campaign targeting Salesforce customers via Salesloft Drift This article has been indexed from www.infosecurity-magazine.com Read the original article: New Data Theft Campaign Targets Salesforce via Salesloft App

Read more →

Abnormal AI said the campaign, which lures victims into downloading legitimate RMM software, marks a major evolution in phishing tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over…

Read more →

A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android Trojan Variant Expands with Ransomware Tactics

Read more →

A global phishing campaign has been identified using personalized emails and fake websites to deliver malware via UpCrypter This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools

Read more →

All previously scheduled mobility trips across Maryland for this week will be honored, said the state’s transportation administration This article has been indexed from www.infosecurity-magazine.com Read the original article: US: Maryland Confirms Cyber Incident Affecting State Transport Systems

Read more →

A new CIISec poll finds the majority of industry professionals would prefer more rigorous cybersecurity laws This article has been indexed from www.infosecurity-magazine.com Read the original article: CIISec: Most Security Professionals Want Stricter Regulations

Read more →

Data I/O has revealed operational disruption following a ransomware breach that forced it to take some systems offline This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Manufacturer Data I/O Hit by Ransomware

Read more →

A variant of the Atomic macOS Stealer (AMOS) targets macOS users via fake support sites in malvertising campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign

Read more →

A Chinese developer has been sentenced to four years in prison after being found to deploy malicious code in his employer’s network, including a “kill switch” This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Developer Jailed…

Read more →

The US Cybersecurity and Infrastructure Security Agency is planning to launch an update to a 2021 guideline for SBOM requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Seeks Biden Era’s SBOM Minimum Requirements Guideline Change

Read more →

Operation Serengeti 2.0 operators helped recover $97.4m stolen by cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol-Led African Cybercrime Crackdown Leads to 1209 Arrests

Read more →

Darktrace observed a coordinated campaign on customer SaaS accounts, all of which involved logins from IP addresses linked to VPS providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Abuse Virtual Private Servers to Compromise SaaS…

Read more →

All Apple users are encouraged to update their iPhones, iPads and macOS devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Releases Patch for Likely Exploited Zero-Day Vulnerability

Read more →

Microsoft has set out a roadmap to complete transition to PQC in all its products and services by 2033, with roll out beginning by 2029 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft to Make All…

Read more →

Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Espionage Group Static Tundra Targets…

Read more →

Colt customers can request a list of filenames posted on the dark web via a dedicated call center This article has been indexed from www.infosecurity-magazine.com Read the original article: Colt Admits Customer Data Likely Stolen in Cyber-Attack

Read more →

A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire Botnet This article has been indexed from www.infosecurity-magazine.com Read the original article: Oregon Man Charged in Rapper Bot DDoS-for-Hire Case

Read more →

Noah Urban, linked with the Scattered Spider cybercriminal gang, will also pay $13m in restitution to victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminal Linked to Notorious Scattered Spider Gang Gets 10-Year Sentence

Read more →

Orange Belgium revealed that a threat actor has compromised 850,000 customer accounts, with SIM card numbers among the data accessed This article has been indexed from www.infosecurity-magazine.com Read the original article: Orange Data Breach Raises SIM-Swapping Attack Fears

Read more →