Tag: Information Security Buzz

ReliaQuest’s 2026 Annual Threat Report reveals that 2025 saw an unparalleled escalation in AI- and automation-facilitated cyberattacks. Incident data from 2024 was compared to 2025, and ReliaQuest found that threat actors are now faster than ever. To remain ahead of the curve, security practitioners will need to adopt AI…

Read more →

In early 2026, a platform called Moltbook, later renamed OpenClaw, went viral for what appeared to be a startling development. Autonomous AI agents were posting, debating, upvoting, and forming communities without human participation. Basically, how most end-of-the-world sci-fi movies start.…

Read more →

A UK solicitor is under investigation for allegedly violating client confidentiality and waiving legal privilege after they confessed to uploading their clients’ confidential documents to ChatGPT.   This is in line with a warning issued by the Upper Tribunal that the…

Read more →

Cyber Risk is now a standing item in most boardrooms. You’ll find it in annual reports, audit committees, and regulatory filings. And still, cyber risk is not being addressed.  Not because boards don’t care, or because CISOs are not reporting. But because something fundamental…

Read more →

New evidence indicates that the North Korean state-sponsored Lazarus Group has adopted the infamous Medusa ransomware in its extortion attacks, including those against the healthcare and nonprofit sectors.  The Threat Hunter Team from Symantec and Carbon Black says these attacks have…

Read more →

Malware-fuelled ATM “jackpotting” attacks are surging across the United States, with the FBI warning that incidents have spiked sharply in 2025.  In a recent alert, the Bureau said it has recorded around 1,900 ATM jackpotting incidents since 2020. Alarmingly, more than…

Read more →

PayPal has disclosed a data breach that exposed some of its customers’ personal information and led to fraudulent transactions.  The company said it happed due to an error in its PayPal Working Capital (“PPWC”) loan application, an offering that gives businesses a cash advance based on…

Read more →

A bug has been causing Microsoft Copilot to read and summarise users’ confidential emails, and it’s been happening since late January.   Microsoft says the issue stems from a code error that bypassed data loss prevention (DLP) policies designed to stop sensitive information from being accessed in…

Read more →

Abnormal has discovered a new phishing kit that allows bad actors to steal usernames and passwords with a toolkit that spoofs live login pages and bypasses multi-factor authentication (MFA) protections.  Most phishing kits depend on static HTML clones of login pages, which,…

Read more →

Companies are investing in artificial intelligence at an unprecedented pace. Few areas of business remain untouched by automation, generation, or analysis through AI, yet what’s often missing from the conversation is how quickly this shift is redefining the threat landscape…

Read more →

Security researchers at ESET have uncovered what they describe as the first known case of Android malware abusing generative AI to manipulate a device’s user interface in real time.  Dubbed PromptSpy, the newly identified malware family uses Google’s Gemini to analyze on-screen content and dynamically…

Read more →

CISA has warned that a critical security vulnerability (CVE-2026-1670) has been identified in four Honeywell CCTV camera models.  “Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds; an unauthenticated attacker may change the recovery email address, potentially…

Read more →

Scammers, confidence men, swindlers. Whatever you call them, for all of human history, people have made a living cheating others out of their hard-earned possessions. While that’s never going to change, their tactics, however, always will. In Q4 2025, email…

Read more →

APIs made up 17% of 67,058 published vulnerabilities in 2025, a total of 11,053 API-related flaws. The overlap between APIs and AI is even more notable. More than a third (36%) of AI vulnerabilities (786 out of 2,185) were API-related. …

Read more →

Eurail BV has confirmed that some customer data impacted by the previously reported security incident has been offered for sale on the dark web and a sample data set has been posted on Telegram.   The company said it is continuing to investigate the scope…

Read more →

Modern supply chain attacks are no longer isolated events. Rather, phishing, identity theft, malicious extensions, data breaches, ransomware, and extortion are becoming more and more interrelated steps of a single attack chain, where each step reinforces the next.  This was one of the…

Read more →

A recent report from Picus Labs, has uncovered a chilling evolution in cyber warfare, that it calls “the rise of the Digital Parasite.”   The report analyzed more than 1.1 million malicious files and 15.5 million actions last year, and revealed that bad actors have shifted 80% of their resources toward stealth, evasion, and…

Read more →

Dutch telecoms business Odido has disclosed a cyberattack on its customer contact system that happened on 7 February.   The personal information of approximately 6.2 million customers was disclosed, including names, residential addresses, mobile phone numbers, email addresses, account numbers, and ID information such as passports and driver’s licenses.   In a statement, the company…

Read more →

Almost 17,000 Volvo employees have had their personal data exposed after attackers breached Conduent, an outsourcing company that manages workforce benefits and back-office services.   In a filing with the Maine Attorney General, Volvo Group North America said it learned in late January that employee data had been exposed through systems run by Conduent.  …

Read more →

For years, cybersecurity strategies have focused on people. From employees and contractors to partners and insiders, that familiar ‘humans are the weakest link’ rhetoric has defined the industry for decades. The tools and strategies developed to defend against threats, like…

Read more →