Information Security Magazine

Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users

The W3LL phishing kit has been associated with fraud attempts totaling $20m

The UK Cyber Security Council has unveiled a new Associate Cyber Security Professional title aimed at supporting early‑career cybersecurity professionals

UK, US and Canadian authorities have identified over 20,000 victims of approval phishing scams that trick users into handing over full crypto wallet access

Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point

Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie

STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods

Bitcoin Depot has disclosed a cyber-attack that led to the theft of more than 50 Bitcoin, worth $3.66m, after hackers accessed its internal systems

macOS 26.4 update introduced security warnings into Terminal to prevent ClickFix attacks, so attackers have shifted to Script Editor instead

A spear-phishing campaign which spread across the Middle East between 2023 and 2024 has now been linked to Bitter APT group

SANS Institute reveals that AI agents are behind a 76% surge in non-human identities

Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises

Google API key flaw exposes mobile apps to Gemini AI access, private files and billing risks

Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.27 immediately

Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered vulnerabilities in critical software

The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network

Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic

CISA has revealed Iranian attacks causing disruption and financial loss at US critical infrastructure firms

Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS servers

GPUBreach uses GPU Rowhammer on GDDR6 to flip bits, corrupt page tables and escalate to system root