Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts
Information Security Magazine
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
1 month 2 weeks ago
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
1 month 2 weeks ago
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
1 month 2 weeks ago
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs
NCSC Playbook Embeds Cyber Essentials in Supply Chains
1 month 2 weeks ago
The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers
NCSC Plugs Gap in Cyber-Deception Guidance
1 month 3 weeks ago
The National Cyber Security Centre has released new learnings from a cyber deception pilot
ICO Fines LastPass £1.2m After 2022 Breach
1 month 3 weeks ago
The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
1 month 3 weeks ago
The Coupang South Korean unit's response will be spearheaded by an executive based in the US
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
1 month 3 weeks ago
OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks
Malware Discovered in 19 Visual Studio Code Extensions
1 month 3 weeks ago
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
1 month 3 weeks ago
Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction
Google Releases Critical Chrome Security Update to Address Three Zero-Days
1 month 3 weeks ago
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
1 month 3 weeks ago
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
1 month 3 weeks ago
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
1 month 3 weeks ago
Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems
Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data
1 month 3 weeks ago
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
Log4Shell Downloaded 40 Million Times in 2025
1 month 3 weeks ago
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
1 month 3 weeks ago
December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
1 month 3 weeks ago
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
Malicious VS Code Extensions Deploy Advanced Infostealer
1 month 3 weeks ago
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
Checked
11 hours 40 minutes ago