Data Security News
The Hacker News
- UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoorby info@thehackernews.com (The Hacker News)
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in […]
- ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Storiesby info@thehackernews.com (The Hacker News)
Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting […]
- Expert Recommends: Prepare for PQC Right Nowby info@thehackernews.com (The Hacker News)
Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place […]
- Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malwareby info@thehackernews.com (The Hacker News)
A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to […]
- Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokensby info@thehackernews.com (The Hacker News)
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial […]
- Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Accessby info@thehackernews.com (The Hacker News)
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) […]
- Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countriesby info@thehackernews.com (The Hacker News)
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group […]
- Claude Code Flaws Allow Remote Code Execution and API Key Exfiltrationby info@thehackernews.com (The Hacker News)
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding […]
Graham Cluley Blog
Infosecurity Magazine
- Aeternum Botnet Shifts Command Control to Polygon Blockchain
New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts
- Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities
- UK's Data Watchdog Gets a Makeover to Match Growing Demands
The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up
- Exploitable Vulnerabilities Present in 87% of Organizations
Datadog report reveals two-fifths of services are affected by exploitable bugs
- Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
- Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day
The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation
- 44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds
IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws
- Malicious NuGet Package Targets Stripe Developers
Malicious NuGet package mimicking Stripe's library targeted developers
Dark Reading News
- Chinese Police Use ChatGPT to Smear Japan PM Takaichiby Nate Nelson
A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account.
- Flaws in Claude Code Put Developers' Machines at Riskby Jai Vijayan
The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains.
- RAMP Forum Seizure Fractures Ransomware Ecosystemby Alexander Culafi
Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.
- PCI Council Says Threats to Payments Systems Are Speeding Upby Arielle Waldman
The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay […]
- Malicious Next.js Repos Target Developers Via Fake Job Interviewsby Elizabeth Montalbano
Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.
- Why 'Call This Number' TOAD Emails Beat Gatewaysby Alexander Culafi
Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.
- 'Richter Scale' Model Measures Magnitude of OT Cyber Incidentsby Kelly Jackson Higgins
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
- Operation Red Card 2.0 Leads to 651 Arrests in Africaby Robert Lemos
In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover […]