Attack & News

Latest cybersecurity news, threat reports, and attack campaigns

All Feeds Attack & News Gov Alerts / ISAC Vulnerability Alerts Privacy & Governance Fraud & Scams

518 articles

NEWSInfosecurity Magazine28 days ago

ICO Publishes Five-Step Plan to Counter Emerging AI-Powered Attacks

The Information Commissioner’s Office has released new guidance on how to mitigate the risk of AI-powered attacks

NEWScriticalInfosecurity Magazine28 days ago

Canvas Owner Reaches Agreement With Cybercriminals After Ransomware Attack

Instructure says it reached an agreement with ShinyHunters over the Canvas breach data

NEWSInfosecurity Magazine28 days ago

Avada Builder Flaws Expose One Million WordPress Sites

Avada Builder flaws allowed file read and SQL injection on one million WordPress sites

NEWShighInfosecurity Magazine28 days ago

Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers

Survey of cybersecurity leaders suggests that majority would strongly consider paying cybercriminals, if that’s what it took to he…

NEWSInfosecurity Magazine29 days ago

Global Cyber Agencies Issue New SBOMs for AI Guidance to Tackle AI Supply Chain Risks

The G7 Cybersecurity Working Group releases new SBOM for AI guidance, outlining seven key data clusters to boost transparency and…

NEWSInfosecurity Magazine29 days ago

UK Cybersecurity Market Expands to £14.7bn with Strong Growth in AI Security Firms

UK cybersecurity sector reaches £14.7bn in revenue, driven by rapid growth in AI security firms, increased investment and rising e…

NEWScriticalInfosecurity Magazine29 days ago

Microsoft Fixes 17 Critical Flaws in May Patch Tuesday

Microsoft has patched 120 vulnerabilities in this month’s security update round

NEWShighKrebs on Security29 days ago

Patch Tuesday, May 2026 Edition

Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkabl…

NEWSInfosecurity Magazine29 days ago

OpenAI Launches 'Daybreak' to Help Build Secure By Design Software

With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up

NEWSInfosecurity Magazine29 days ago

Mini Shai-Hulud Hits TanStack npm Packages

Mini Shai-Hulud compromises TanStack npm packages and spreads across PyPI

NEWSInfosecurity Magazine29 days ago

End‑to‑End Encrypted RCS Messaging Arrives Across iPhone and Android

Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5

NEWSInfosecurity Magazine29 days ago

Attackers Combine ClickFix With PySoxy Proxying to Maintain Persistence

Exploitation of open-source tools allows attackers to maintain persistent access after initial social engineering, warn ReliaQuest…

NEWSInfosecurity Magazine30 days ago

Malicious Hugging Face Repository Typosquats OpenAI

HiddenLayer reveals infostealer malware in a Hugging Face repository

NEWScriticalInfosecurity Magazine30 days ago

South Staffordshire Water Fined £1m After Data Breach

The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings

NEWSInfosecurity Magazineabout 1 month ago

TrickMo Variant Routes Android Trojan Traffic Through TON

ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network

NEWShighInfosecurity Magazineabout 1 month ago

Rushed Patches Follow Broken Embargo on New Linux Kernel Vulnerabilities

Two new high-severity vulnerabilities, dubbed ’Dirty Frag’ when chained, have been found in the Linux kernel, affecting most Linux…

NEWSInfosecurity Magazineabout 1 month ago

Fake Claude Code Page Pushes PowerShell Stealer at Devs

Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome's IElevator2

NEWScriticalInfosecurity Magazineabout 1 month ago

Hackers Observed Using AI to Develop Zero-Day for the First Time

Google Threat Intelligence Group details how cybercriminals attempted to launch a campaign based around an AI-developed Zero-Day t…

NEWSInfosecurity Magazineabout 1 month ago

US: FCC Relaxes Foreign-Made Router Ban to Allow for Security Updates

The same extension applies to security updates shipped to US-based users of foreign-made drones

NEWSInfosecurity Magazineabout 1 month ago

ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign

ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen d…

NEWScriticalInfosecurity Magazineabout 1 month ago

Zara Data Breach Impacts Nearly 200,000 Customers

ShinyHunters gets away with emails and other data on 200,000 Zara customers

NEWSInfosecurity Magazineabout 1 month ago

Police Shut Relaunched Crimenetwork Dark Web Marketplace

Spanish police have arrested the suspected administrator of German dark web marketplace Crimenetwork

NEWSInfosecurity Magazineabout 1 month ago

Australian Cyber Security Centre Issues Alert Over ClickFix Attacks

ACSC warns over a campaign targeting organizations which uses ClickFix to deliver Vidar infostealer malware

NEWSInfosecurity Magazineabout 1 month ago

PCPJack Campaign Boots TeamPCP Off Compromised Machines

SentinelOne believes the PCPJack campaign may be the brainchild of a former TeamPCP member

NEWSKrebs on Securityabout 1 month ago

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework a…

NEWSInfosecurity Magazineabout 1 month ago

Legacy Security Tools Failing Data Protection, Capital One Software Report Finds

Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI ad…

NEWSInfosecurity Magazineabout 1 month ago

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Oasis Security finds critical Cline kanban WebSocket flaw exposing AI coding agents to hijack

NEWScriticalInfosecurity Magazineabout 1 month ago

OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos

Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facili…

NEWShighInfosecurity Magazineabout 1 month ago

Fake Claude AI Site Drops Beagle Backdoor on Windows Users

Sophos finds fake Claude site spreading DonutLoader and a new Beagle backdoor via DLL sideloading

NEWSInfosecurity Magazineabout 1 month ago

Daemon Tools Developer Confirms Software Was Trojanized

A China-linked threat actor backdoored a version of Daemon Tools to infect thousands