New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs
A novel attack technique dubbed ”Lies-in-the-Loop” (LITL) has been observed manipulating human approval prompts in agentic AI systems
Information Security Magazine
ISACA Named Global Credentialing Authority for DoD’s CMMC Program
1 month 3 weeks ago
ISACA has been appointed by the US DoD as the global credentialing authority for its CMMC program
US Autoparts Maker LKQ Confirms Oracle EBS Breach
1 month 3 weeks ago
LKQ confirmed that over 9000 individuals saw their personal data compromised because of the breach
European Investigators Disrupt $12m Call Center Fraud Ring
1 month 3 weeks ago
Eurojust reveals new policing operation which helped to smash a Ukraine-based call center fraud gang
Chinese Ink Dragon Group Hides in European Government Networks
1 month 3 weeks ago
China’s Ink Dragon is using European government networks to hide its espionage activity
Urban VPN Proxy Accused of Harvesting AI Chat Conversations
1 month 3 weeks ago
The browser extension Urban VPN Proxy has been reportedly collecting users’ AI chat conversations
JumpCloud Windows Agent Flaw Enables Local Privilege Escalation
1 month 3 weeks ago
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks
Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices
1 month 3 weeks ago
Amazon researchers believe this campaign is part of a bigger operation spearheaded by Russia’s military intelligence service, the GRU
Millions of Car Owners Hit By Credit700 Data Breach
1 month 3 weeks ago
US financial services firm Credit700 has revealed a major data breach impacting 5.8 million people
Phishing Messages and Social Scams Flood Users Ahead of Christmas
1 month 3 weeks ago
Check Point has detected thousands of phishing emails in the past fortnight, offering fake promotions and special deals
Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case
1 month 4 weeks ago
A Minnesota man has pleaded guilty to a credential stuffing scheme that compromised over 60,000 accounts
Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files
1 month 4 weeks ago
A new phishing campaign has been identified, delivering the Phantom information-stealing malware via an ISO attachment
Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack
1 month 4 weeks ago
Asahi Group’s CEO said he is considering creating a dedicated cyber unit following the ransomware attack that crippled the company
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
1 month 4 weeks ago
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs
NCSC Playbook Embeds Cyber Essentials in Supply Chains
1 month 4 weeks ago
The UK’s National Cyber Security Centre has called on businesses to apply Cyber Essentials to suppliers
NCSC Plugs Gap in Cyber-Deception Guidance
2 months ago
The National Cyber Security Centre has released new learnings from a cyber deception pilot
ICO Fines LastPass £1.2m After 2022 Breach
2 months ago
The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
2 months ago
The Coupang South Korean unit's response will be spearheaded by an executive based in the US
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
2 months ago
OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks
Malware Discovered in 19 Visual Studio Code Extensions
2 months ago
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders
Checked
9 hours 28 minutes ago