Information Security Magazine

ISC2 survey of cybersecurity professionals suggests that staff want their information security leaders to have experienced reacting to a significant cyber incident

GCHQ director urges urgent business cyber action as AI and quantum reshape the threat

Operators of the malicious Glassworm botnet have been targeting software developers since at least early 2025

Cybermindz warns that cybersecurity burnout is a growing risk, urging organizations to move beyond wellness initiatives and adopt a measurable, risk-based approach to workforce stress

Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans

UK firms plan higher cyber spending as AI adoption raises security concerns

FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing

Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets

BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures

CERT-In urges 12-hour patching of exposed flaws as AI compresses exploitation timelines

Iran's Nimbus Manticore pushes AI-built MiniFast backdoor via phishing and SEO poisoning

The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI

From fake F1 streams to counterfeit merch, fraudsters are exploiting fans online and the Bitdefender Cybersecurity Grand Prix Fan Threat Index details how

The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets

Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn

First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace

AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers

Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally