Chinese Ink Dragon Group Hides in European Government Networks
China’s Ink Dragon is using European government networks to hide its espionage activity
Information Security Magazine
Urban VPN Proxy Accused of Harvesting AI Chat Conversations
4 months ago
The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations
JumpCloud Windows Agent Flaw Enables Local Privilege Escalation
4 months ago
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks
Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices
4 months ago
Amazon researchers believe this campaign is part of a bigger operation spearheaded by Russia’s military intelligence service, the GRU
Millions of Car Owners Hit By Credit700 Data Breach
4 months ago
US financial services firm Credit700 has revealed a major data breach impacting 5.8 million people
Phishing Messages and Social Scams Flood Users Ahead of Christmas
4 months ago
Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals
Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case
4 months ago
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
4 months ago
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
4 months ago
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
4 months ago
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs
NCSC Playbook Embeds Cyber Essentials in Supply Chains
4 months ago
The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers
NCSC Plugs Gap in Cyber-Deception Guidance
4 months ago
The National Cyber Security Centre has released new learnings from a cyber deception pilot
ICO Fines LastPass £1.2m After 2022 Breach
4 months ago
The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
4 months ago
The Coupang South Korean unit's response will be spearheaded by an executive based in the US
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
4 months ago
OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks
Malware Discovered in 19 Visual Studio Code Extensions
4 months ago
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
4 months ago
Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction
Google Releases Critical Chrome Security Update to Address Three Zero-Days
4 months ago
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
4 months ago
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
4 months ago
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
Checked
13 hours 32 minutes ago