Attack & News

Latest cybersecurity news, threat reports, and attack campaigns

All Feeds Attack & News Gov Alerts / ISAC Vulnerability Alerts Privacy & Governance Fraud & Scams

517 articles

NEWSInfosecurity Magazineabout 1 month ago

No Metrics Are Better Than Bad Metrics in the SOC, Says NCSC

The National Cyber Security Centre has warned against measuring SOCs with ticket-based metrics

NEWShighInfosecurity Magazineabout 1 month ago

North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures

Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the Lazarus Gro…

NEWSInfosecurity Magazineabout 1 month ago

US Sanctions Target Cambodian Scam Network Leaders

US sanctions target Cambodian scam networks tied to crypto fraud and trafficking

NEWSInfosecurity Magazineabout 1 month ago

Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected

Itron confirmed a cyber incident but does not believe it is likely to have a material impact on the company

NEWSInfosecurity Magazineabout 1 month ago

Widely Used Browser Extensions Selling User Data

Dozens of browser extensions openly sell user data via privacy policy disclosures

NEWSInfosecurity Magazineabout 1 month ago

Most Cybersecurity Professionals Feel Undervalued and Underpaid

A new report by global technology recruitment firm, Harvey Nash, found that three quarters of cybersecurity staff are pessimistic…

NEWShighInfosecurity Magazineabout 1 month ago

Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet

The “fast16” malware may have been used to target Iran’s nuclear program prior to Stuxnet

NEWSInfosecurity Magazineabout 1 month ago

BlackFile Group Targets Retail and Hospitality with Vishing Attacks

Researchers uncover a new data theft and extortion group dubbed “BlackFile”

NEWScriticalInfosecurity Magazineabout 2 months ago

UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China

UK government Minister confirms that breached health records of UK Biobank volunteers were up for sale on Chinese ecommerce platfo…

NEWSInfosecurity Magazineabout 2 months ago

AI Rush is Reviving Old Cybersecurity Mistakes, Mandiant VP Warns

AI tools are not just creating new vulnerabilities, they are reviving old security failures, warned Jurgen Kutscher, VP of Mandian…

NEWShighInfosecurity Magazineabout 2 months ago

Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation

Malicious npm packages spread via worm-like propagation and steal developer credentials

NEWSInfosecurity Magazineabout 2 months ago

Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI

Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents

NEWSInfosecurity Magazineabout 2 months ago

Apple Fixes iOS Notification Bug Exposing Deleted Messages

Apple patches iOS flaw that retained deleted notifications, exposing message data

NEWSInfosecurity Magazineabout 2 months ago

Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform

Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization…

NEWSInfosecurity Magazineabout 2 months ago

Cyber-Attacks Surge 63% Annually in Education Sector

Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year

NEWSInfosecurity Magazineabout 2 months ago

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents

NEWSInfosecurity Magazineabout 2 months ago

NCSC Backs Passkeys, Hailing a New Era of Sign-in

The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across…

NEWSInfosecurity Magazineabout 2 months ago

MacOS Native Tools Enable Stealthy Enterprise Attacks

macOS LOTL techniques bypass detection using native tools and metadata abuse

NEWSInfosecurity Magazineabout 2 months ago

NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks

The UK’s cybersecurity agency said the devices will be available for purchase by organizations around the world

NEWSInfosecurity Magazineabout 2 months ago

UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’

UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pled…

NEWShighInfosecurity Magazineabout 2 months ago

Surge in Silent Subject Phishing Attacks Targets VIP Users

Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse

NEWSInfosecurity Magazineabout 2 months ago

Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang

A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat

NEWSInfosecurity Magazineabout 2 months ago

Researchers Uncover ProxySmart Software Powering 90+ SIM Farms

Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale”

NEWSInfosecurity Magazineabout 2 months ago

UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns

The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns

NEWSInfosecurity Magazineabout 2 months ago

Trojanized Android App Fuels New Wave of NFC Fraud

NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil

NEWSKrebs on Securityabout 2 months ago

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

A 24-year-old British national and senior member of the cybercrime group "Scattered Spider" has pleaded guilty to wire fraud consp…

NEWSInfosecurity Magazineabout 2 months ago

The Gentlemen Ransomware Expands With Rapid Affiliate Growth

Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections

NEWSInfosecurity Magazineabout 2 months ago

Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI a…

NEWShighInfosecurity Magazineabout 2 months ago

Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool

Cloud app developer Vercel appears to have suffered a security breach

NEWSInfosecurity Magazineabout 2 months ago

North Korea Blamed for $290m KelpDAO Crypto Heist

North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO