NCSC Plugs Gap in Cyber-Deception Guidance
The National Cyber Security Centre has released new learnings from a cyber deception pilot
Information Security Magazine
ICO Fines LastPass £1.2m After 2022 Breach
16 hours 29 minutes ago
The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
17 hours 9 minutes ago
The Coupang South Korean unit's response will be spearheaded by an executive based in the US
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
1 day 8 hours ago
OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks
Malware Discovered in 19 Visual Studio Code Extensions
1 day 9 hours ago
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
1 day 15 hours ago
Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction
Google Releases Critical Chrome Security Update to Address Three Zero-Days
1 day 15 hours ago
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
1 day 15 hours ago
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
2 days 8 hours ago
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
2 days 9 hours ago
Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems
Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data
2 days 13 hours ago
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
Log4Shell Downloaded 40 Million Times in 2025
2 days 14 hours ago
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
2 days 15 hours ago
December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
3 days 8 hours ago
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
Malicious VS Code Extensions Deploy Advanced Infostealer
3 days 8 hours ago
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
DeadLock Ransomware Uses BYOVD to Evade Security Measures
3 days 9 hours ago
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware
UK NCSC Raises Alarms Over Prompt Injection Attacks
3 days 14 hours ago
The UK’s National Cyber Security Centre has warned of the dangers of comparing prompt injection to SQL injection
Gartner Calls For Pause on AI Browser Use
3 days 16 hours ago
Gartner has called for organizations to block today’s AI browsers on security concerns
ClayRat Android Spyware Expands Capabilities
4 days 8 hours ago
A new version of ClayRat Android spyware features enhanced surveillance and device-control features
Marquis Software Breach Affects Over 780,000 Nationwide
4 days 9 hours ago
A data breach at Marquis Software Solutions due to a firewall flaw has affected over 780,000 people across the US
Checked
39 minutes 25 seconds ago