LNER Reveals Supply Chain Attack Compromised Customer Information Information Security Magazine 9 months 3 weeks ago Government-run train operator LNER has revealed details of a supplier data breach
KillSec Ransomware Hits Brazilian Healthcare IT Vendor Information Security Magazine 9 months 3 weeks ago A ransomware attack by KillSec on Brazil software provider MedicSolution threatens healthcare, impacting providers and patients
Cursor Autorun Flaw Lets Repositories Execute Code Without Consent Information Security Magazine 9 months 3 weeks ago A flaw in the Cursor extension allows unauthorized code execution when opening repositories in Visual Studio
Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento Information Security Magazine 9 months 3 weeks ago The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution
Ransomware Payments Plummet in Education Amid Enhanced Resiliency Information Security Magazine 9 months 3 weeks ago Sophos found that average ransom demands and payments fell substantially in the education sector in 2025, as recovery time and costs fell
Two Zero-Days Among Patch Tuesday CVEs This Month Information Security Magazine 9 months 3 weeks ago Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release
Malicious npm Code Reached 10% of Cloud Environments Information Security Magazine 9 months 3 weeks ago Wiz Security warns that a recently discovered supply chain attack campaign targeting npm is far from over
Threat Actor Accidentally Exposes AI-Powered Operations Information Security Magazine 9 months 4 weeks ago A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
Salty2FA Phishing Kit Unveils New Level of Sophistication Information Security Magazine 9 months 4 weeks ago Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
Open Source Community Thwarts Massive npm Supply Chain Attack Information Security Magazine 9 months 4 weeks ago What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community
Axios User Agent Helps Automate Phishing on “Unprecedented Scale” Information Security Magazine 9 months 4 weeks ago ReliaQuest warns that phishing campaigns abusing the Axios user agent have surged 241% in three months
Chinese Cyber Espionage Campaign Impersonates US Congressman Information Security Magazine 9 months 4 weeks ago A House select committee said Chinese actors impersonated Representative John Moolenaar to steal information that could be used to influence trade talks
Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign Information Security Magazine 9 months 4 weeks ago Salesloft has revealed that threat actors targeted customer Salesforce data after breaching its GitHub account
Wealthsimple Confirms Data Breach After Supply Chain Attack Information Security Magazine 9 months 4 weeks ago Wealthsimple confirmed a third-party vendor data breach affecting roughly 30,000 customers
MostereRAT Targets Windows Users With Stealth Tactics Information Security Magazine 9 months 4 weeks ago Phishing campaign unveiled MostereRAT, targeting Windows systems with advanced evasion techniques
Remote Access Abuse Biggest Pre-Ransomware Indicator Information Security Magazine 9 months 4 weeks ago Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics deployed by threat actors
Qualys, Tenable Latest Victims of Salesloft Drift Hack Information Security Magazine 9 months 4 weeks ago Palo Alto Networks, Cloudflare and Zscaler were also among confirmed victims of the attack
GhostAction Supply Chain Attack Compromises 3000+ Secrets Information Security Magazine 9 months 4 weeks ago Security researchers have discovered a new malicious campaign impacting hundreds of GitHub users
SAP S/4HANA Users Urged to Patch Critical Exploited Bug Information Security Magazine 9 months 4 weeks ago Critical SAP S/4HANA vulnerability CVE-2025-42957 is being exploited in the wild
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America Information Security Magazine 10 months ago Bridgestone Americas confirmed the incident but has not detailed the scope of the attack