Information Security Magazine

John Hultquist suggests “aggressive” Iranian cyber attackers will target the US and its Gulf allies with plausibly deniable ransomware attacks, hacktivist campaigns and more

Military strikes in the Middle East escalate cyber ops, raising spillover risks globally for firms

Oasis Security reveals how a new ClawJacked vulnerability could allow attackers to silently take over a victim’s OpenClaw agent

Chainalysis reveals a big surge in median ransomware payment size in 2025 despite overall drop in criminal revenue

The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group

The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two months to just over a week

International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes

New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts

2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities

The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up

Datadog report reveals two-fifths of services are affected by exploitable bugs

UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation

The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws

Malicious NuGet package mimicking Stripe's library targeted developers

A former general manager of a US defense contractor has been sentenced after selling zero days to Russia

The UK’s ICO has fined Reddit over £14m for failing to use children’s personal information lawfully

DTEX claims insider incidents cost $19.5m in 2025, with employee negligence most expensive

Phishing attack mimicking Bitpanda targets users, harvesting credentials and personal information

Ransomware Medusa linked to North Korean hackers targets US healthcare amid ongoing attacks