A Quarter of UK and US Firms Suffer Data Poisoning Attacks
New IO research reveals a surge in AI attacks attempting to corrupt underlying training data
Information Security Magazine
Shai-Hulud Worm Prowls npm to Steal Hundreds of Secrets
2 months 2 weeks ago
A secret-stealing worm is spreading fast across the npm ecosystem, experts have warned
Fifteen Ransomware Gangs “Retire,” Future Unclear
2 months 2 weeks ago
Fifteen ransomware groups have claimed shutdown on BreachForums; experts warn of rebrands and copycats
Gucci and Alexander McQueen Hit by Customer Data Breach
2 months 2 weeks ago
The attack, which is linked to ShinyHunters, has reportedly compromised data relating to 7.4 million unique email addresses
Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads
2 months 2 weeks ago
AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat
UK: Tax Refund-Themed Phishing Slows in 2025
2 months 2 weeks ago
Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025
JLR Extends Production Halt After Cyber-Attack
2 months 2 weeks ago
Jaguar Land Rover (JLR) has confirmed that its pause in production will last until at least Wednesday, September 24
API Threats Surge to 40,000 Incidents in 1H 2025
2 months 2 weeks ago
Thales claims there were over 40,000 API incidents in the first half of 2025
FinWise Bank Warns of Insider Data Breach
2 months 2 weeks ago
An insider data breach at FinWise may have impacted 689,000 customers
HybridPetya Mimics NotPetya, Adds UEFI Compromise
2 months 2 weeks ago
HybridPetya ransomware mimics Petya/NotPetya, with an added UEFI bootkit and Secure Boot bypass
SEO Poisoning Targets Chinese Users with Fake Software Sites
2 months 2 weeks ago
SEO poisoning attack has been observed targeting Chinese Windows users via lookalike domains, installing Hiddengh0st and Winos
AI-Forged Military IDs Used in North Korean Phishing Attack
2 months 2 weeks ago
Genians observed the Kimsuky group impersonate a defense institution in a spear-phishing attack, leveraging ChatGPT to create fake military ID cards
CISA at Risk After OIG Accuses it of Wasting Federal Funds
2 months 2 weeks ago
US Department of Homeland Security OIG claims CISA mismanaged a key cyber retention incentive program
Phishing Campaigns Drop RMM Tools for Remote Access
2 months 2 weeks ago
Threat actors are using multiple lures to trick users into installing RMM tools
Attackers Adopt Novel LOTL Techniques to Evade Detection
2 months 3 weeks ago
HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious campaigns
France Warns Apple Users of New Spyware Campaign
2 months 3 weeks ago
Apple has sent at least four notifications in 2025, according to the French national cybersecurity agency
ICO Warns of Student-Led Data Breaches in UK Schools
2 months 3 weeks ago
ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”
CISA Launches Roadmap for the CVE Program
2 months 3 weeks ago
The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement
Fileless Malware Deploys Advanced RAT via Legitimate Tools
2 months 3 weeks ago
A sophisticated fileless malware campaign has been observed using legitimate tools to deliver AsyncRAT executed in memory
Wyden Urges FTC Investigation Over Ascension Ransomware Hack
2 months 3 weeks ago
Senator Ron Wyden of Oregon has urged the FTC to investigate Microsoft for cybersecurity lapses linked to ransomware attacks on US critical infrastructure
Checked
7 hours 18 minutes ago