Data Security News
The Hacker News
- IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacksby info@thehackernews.com (The Hacker News)
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 […]
- Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Appsby info@thehackernews.com (The Hacker News)
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian […]
- New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Frameworkby info@thehackernews.com (The Hacker News)
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where "OP" stands for "opponent") that has been […]
- Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliverby info@thehackernews.com (The Hacker News)
Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with […]
- Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sitesby info@thehackernews.com (The Hacker News)
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to […]
- FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Loginsby info@thehackernews.com (The Hacker News)
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 […]
- PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Networkby info@thehackernews.com (The Hacker News)
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a […]
- Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Publicby info@thehackernews.com (The Hacker News)
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from […]
Graham Cluley Blog
Infosecurity Magazine
- Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
- Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
- Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks
- Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
A perfect storm of legacy devices, hyper connectivity and human fatigue is bad news for the healthcare sector, warns Cyber Salus
- Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts
- Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations […]
- Chinese-Speaking Actor TA4922 Widens Its Global Reach
Newly named Chinese-speaking actor TA4922 expands from East Asia into Europe and Africa
- Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Dark Reading News
- Name That Toon Contest
- Exposed Fuel Tank Gauges Under Attack in the USby Nate Nelson
Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.
- Adaptive, Agentic AI Worms Loom as Next Enterprise Threatby Robert Lemos
AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers […]
- Trump AI Order Seeks Voluntary Frontier Model Testingby Alexander Culafi
The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.
- Rust-Written IronWorm Hits NPM Supply Chainby Jai Vijayan
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
- China's TA4922 Expands Cybercrime Attacks Globallyby Nate Nelson
One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.
- 4 Critical Threats Where Attackers Have the Advantageby Rob Wright
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.
- Bugcrowd Launches EU Data Residency Option For Evolving Data Sovereignty Needsby Arielle Waldman
Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing […]