Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation
Malicious npm packages spread via worm-like propagation and steal developer credentials
Infosecurity Magazine
20 articles
Google Favors General-Purpose Gemini Models Over Cybersecurity‑Specific AI
Google Cloud’s COO advocated for combining general-purpose frontier large language models with task-specific AI agents
Apple Fixes iOS Notification Bug Exposing Deleted Messages
Apple patches iOS flaw that retained deleted notifications, exposing message data
Google Introduces Unique AI Agent Identities in New Gemini Enterprise Platform
Google Cloud will attribute a unique cryptographic ID every AI agent that will be tied to “traceable and auditable” authorization policies
Cyber-Attacks Surge 63% Annually in Education Sector
Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year
Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents
Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents
NCSC Backs Passkeys, Hailing a New Era of Sign-in
The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS
MacOS Native Tools Enable Stealthy Enterprise Attacks
macOS LOTL techniques bypass detection using native tools and metadata abuse
NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks
The UK’s cybersecurity agency said the devices will be available for purchase by organizations around the world
UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’
UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pledge, sparking industry debate
Surge in Silent Subject Phishing Attacks Targets VIP Users
Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse
Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang
A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat
Researchers Uncover ProxySmart Software Powering 90+ SIM Farms
Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale”
UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns
The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns
Trojanized Android App Fuels New Wave of NFC Fraud
NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil
The Gentlemen Ransomware Expands With Rapid Affiliate Growth
Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections
Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms
Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security...
Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool
Cloud app developer Vercel appears to have suffered a security breach
North Korea Blamed for $290m KelpDAO Crypto Heist
North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO
ZionSiphon Malware Targets Water Infrastructure Systems
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities