Data Security News
The Hacker News
- Expert Recommends: Prepare for PQC Right Nowby info@thehackernews.com (The Hacker News)
Introduction: Steal It Today, Break It in a Decade Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place […]
- Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malwareby info@thehackernews.com (The Hacker News)
A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to […]
- Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokensby info@thehackernews.com (The Hacker News)
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial […]
- Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Accessby info@thehackernews.com (The Hacker News)
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) […]
- Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countriesby info@thehackernews.com (The Hacker News)
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group […]
- Claude Code Flaws Allow Remote Code Execution and API Key Exfiltrationby info@thehackernews.com (The Hacker News)
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding […]
- SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacksby info@thehackernews.com (The Hacker News)
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull […]
- Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing Itby info@thehackernews.com (The Hacker News)
Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn […]
Graham Cluley Blog
Infosecurity Magazine
- Darktrace Flags 32 Million Phishing Emails in 2025 as Identity Attacks Intensify
2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities
- UK's Data Watchdog Gets a Makeover to Match Growing Demands
The UK’s Information Commissioner's Office is about to ditch single-leader model for CEO and board in a major shake-up
- Exploitable Vulnerabilities Present in 87% of Organizations
Datadog report reveals two-fifths of services are affected by exploitable bugs
- Google Disrupts ‘Prolific’ and ‘Elusive’ China-Linked Global Hacking Campaign
UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation
- Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day
The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation
- 44% Surge in App Exploits as AI Speeds Up Cyber-Attacks, IBM Finds
IBM's 2026 X-Force report reveals 44% rise in cyber-attacks on public apps, driven by AI and flaws
- Malicious NuGet Package Targets Stripe Developers
Malicious NuGet package mimicking Stripe's library targeted developers
- Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days
A former general manager of a US defense contractor has been sentenced after selling zero days to Russia
Dark Reading News
- Chinese Police Use ChatGPT to Smear Japan PM Takaichiby Nate Nelson
A Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account.
- Flaws in Claude Code Put Developers' Machines at Riskby Jai Vijayan
The vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains.
- RAMP Forum Seizure Fractures Ransomware Ecosystemby Alexander Culafi
Researchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves.
- PCI Council Says Threats to Payments Systems Are Speeding Upby Arielle Waldman
The PCI Security Standards Council experienced a record year in many regards, but its first annual report shows it needs to work even faster to stay […]
- Malicious Next.js Repos Target Developers Via Fake Job Interviewsby Elizabeth Montalbano
Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines.
- Why 'Call This Number' TOAD Emails Beat Gatewaysby Alexander Culafi
Attackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number.
- 'Richter Scale' Model Measures Magnitude of OT Cyber Incidentsby Kelly Jackson Higgins
ICS/OT experts have devised a scoring system for rating the severity and effects of cybersecurity events in operational technology environments.
- Operation Red Card 2.0 Leads to 651 Arrests in Africaby Robert Lemos
In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover […]