Infosec stories - Page 23

Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.

Callback phishing jumps sixfold as BEC fraud stays dominant, with criminals weaponising CAPTCHAs, trusted brands and cloud platforms.

DryRun launches DeepScan Agent, an AI tool that scans whole codebases in hours to rank real-world security risks and speed remediation.

Moltbook's boom in user-built AI agents is fuelling mounting warnings over cyber threats and brand damage as governance lags adoption.

Tenable warns critical Google Looker flaws could enable server takeover and data theft, leaving unpatched self-hosted deployments exposed.

As most ransomware strikes after hours, small firms face a costly 3 AM security gap that only round-the-clock MDR can realistically close.

Tenable warns unpatched self-hosted Google Looker systems face remote takeover, data theft and cross-tenant cloud attack risks.

Attackers are hijacking live web sessions by stealthily tampering with NGINX configs, silently relaying traffic via rogue servers.

AI, quantum threats and tougher regulation will reshape cyber strategies by 2026, forcing new governance, identity models and SOC workflows.

YubiKey rollout boosts ROI by 265% and slashes breach exposure 99.99%, Forrester study finds, delivering multi-million USD $ gains.

Semperis has bought MightyID to extend its identity resilience platform with Okta and Ping backup and recovery across hybrid environments.

FireMon and Illumio link microsegmentation with firewall policies in one platform to cut conflicts and speed Zero Trust deployments.

A security lapse at AI agent service Moltbook exposes risky default database settings, raising fresh alarms over agentic system safeguards.

AI-fuelled cyber attacks surged 70% in 2025, with Check Point warning of machine-speed, multi-channel campaigns targeting key sectors.

As quantum computing looms, nations race to build sovereign cyber and post-quantum encryption to safeguard critical digital infrastructure.

Okta users face rising vishing attacks as ShinyHunters expand real-time MFA phishing, prompting fresh SaaS and identity security warnings.

A critical ICM Viewer flaw lets a single malicious click hijack IDIS CCTV hosts, exposing Australian networks to deep lateral attacks.

Panera data breach exposes details of 14 million customers, spotlighting a surge in SaaS-focused extortion and identity-driven cyber attacks.

London-based Intruder posts 81% surge in enterprise ARR as AI, cloud security and consolidation drive midmarket and enterprise demand.

Black Kite debuts ThreatTrace, harnessing NetFlow and DNS telemetry to reveal hidden third‑party compromises and sharpen cyber risk ratings.