Information Security News:
US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration
Security Week via Associated Press
The role of the US Cybersecurity and Infrastructure Security Agency (CISA) in safeguarding elections is increasingly uncertain under the Trump administration. While CISA played a key role in securing previous elections, its future involvement remains in question as officials reassess its authority and focus. Critics argue that sidelining the agency could weaken national election security at a time of rising cyber threats. With the 2026 midterms approaching, the debate over CISA’s role underscores the challenges of maintaining trust and resilience in the electoral process.
🔗 Read More
GitHub suffers major outage, “OH MY GOD”
Cyber News by Niamh Ancell
Developers worldwide were left in disarray as GitHub suffered a major outage, prompting frustration and memes across social media. The disruption lasted for hours, affecting repositories, pull requests, and CI/CD pipelines. While GitHub has restored services, the incident highlights the growing reliance on centralised development platforms and the ripple effects of downtime. Some industry voices are calling for greater decentralisation in software version control to prevent future disruptions on this scale.
🔗 Read More
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
The Hacker News by Ravie Lakshmanan
Google’s Threat Analysis Group has identified more than 57 nation-state threat groups leveraging AI to enhance their cyber operations. From automating phishing campaigns to generating more convincing deepfake content, adversaries are increasingly using AI to scale and refine attacks. While AI-powered security measures are advancing, this arms race presents new challenges for defenders. Google calls for stronger AI governance and real-time threat intelligence sharing to counter this emerging cyber battlefield.
🔗 Read More
Trump Admin’s Purge of US Cyber Advisory Boards was ‘Foolish,’ Says Ex-Navy Admiral
The Register by Jessica Lyons
A former US Navy admiral has criticised the Trump administration’s decision to dissolve several cyber advisory boards, calling it a “foolish” move that undermines national security. The boards, which provided strategic cyber guidance, were disbanded as part of a broader government shake-up. Critics argue that this leaves the US more vulnerable to cyber threats, especially at a time of increasing global tensions. Supporters of the move contend that the administration is streamlining cybersecurity efforts, but experts warn that sidelining key advisory voices could have long-term consequences.
🔗 Read More
Ransomware Attack at New York Blood Services Provider – Donors Turned Away During Shortage Crisis
The Register by Connor Jones
A ransomware attack on a major New York blood services provider has disrupted operations, forcing donation centres to turn donors away during a critical blood shortage. The attack encrypted key systems, delaying blood processing and distribution efforts. With hospitals already struggling to maintain supplies, the breach has sparked concerns about the vulnerability of healthcare-related infrastructure. The provider is working with cybersecurity experts to restore access, but this incident highlights the real-world consequences of cyberattacks beyond financial losses.
🔗 Read More
New Syncjacking Attack Hijacks Devices Using Chrome Extensions
BleepingComputer by Bill Toulas
Security researchers have uncovered a novel attack method called “Syncjacking,” which exploits Chrome’s sync feature to hijack user sessions across devices. By tricking users into installing malicious extensions, attackers can access synced data, including passwords, browsing history, and authentication tokens. Google has been alerted to the issue, but no patches have been released yet. Users are advised to scrutinise extensions carefully and enable multi-factor authentication to mitigate risks. This attack serves as a reminder that even convenience features can be turned against users when security is compromised.
🔗 Read More
Nulled, Other Cybercrime Websites Seized by Law Enforcement
Security Week by Eduard Kovacs
International law enforcement agencies have taken down multiple cybercrime marketplaces, including Nulled, a well-known forum for trading stolen credentials, malware, and hacking tools. The coordinated effort, led by Europol and US authorities, resulted in arrests and server seizures. While cybercriminals often regroup on new platforms, the disruption deals a significant blow to underground operations. Experts say this is part of a broader strategy to dismantle cybercrime ecosystems by targeting both the tools and the communities that sustain them.
🔗 Read More
DARPA Wants to Create ‘Self-Healing’ Firmware That Can Respond and Recover from Cyberattacks
Cyberscoop by Derek B. Johnson
The US military’s research arm, DARPA, is working on a groundbreaking project to develop “self-healing” firmware capable of detecting, responding to, and recovering from cyberattacks in real-time. The initiative aims to strengthen the resilience of embedded systems, particularly in military and critical infrastructure environments. If successful, this technology could drastically reduce downtime and neutralise threats before they cause significant damage. However, experts caution that developing truly autonomous cyber defences will require overcoming complex engineering and security challenges.
🔗 Read More
DeepSeek Accidentally Exposed Sensitive Data Including User Prompts, Cyber Firm Reports
Cryptopolitan News by Noor Bazmi
A cybersecurity firm has revealed that DeepSeek, a Chinese AI chatbot platform, inadvertently exposed user prompts and sensitive data due to misconfigured security settings. The leak raises concerns about data privacy in AI-powered applications, particularly regarding how user inputs are stored and accessed. While DeepSeek has addressed the issue, this incident underscores the risks of inadequate security controls in AI-driven platforms. Users are advised to exercise caution when interacting with AI tools that handle personal or proprietary information.
🔗 Read More
Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers
Cybersecurity News by Guru Baran
A newly discovered vulnerability in Apple’s chips could allow attackers to extract sensitive information, including credit card data and location history. Researchers warn that the flaw, which affects devices using Apple’s secure enclave technology, could be exploited through side-channel attacks. While Apple has yet to release a full mitigation, security experts recommend users keep their devices updated and avoid using public Wi-Fi when accessing sensitive information. This discovery highlights ongoing concerns about hardware security in consumer devices.
🔗 Read More
You Probably Have More CIO Experience Than the Incoming White House CIO
The Register by Brandon Vigliarolo
The Trump administration’s appointment of a new White House CIO has raised eyebrows due to the nominee’s limited experience in IT leadership. Critics argue that overseeing federal cybersecurity initiatives requires a deep technical background, especially as cyber threats to government infrastructure intensify. However, supporters suggest that strong leadership and policy expertise may outweigh hands-on IT knowledge. With federal agencies increasingly targeted by cybercriminals, all eyes will be on how the new CIO handles evolving security challenges.
🔗 Read More
Threat of Cyber-Attacks on Whitehall ‘Is Severe and Advancing Quickly’, NAO Says
The Guardian by Robert Booth
The UK’s National Audit Office (NAO) has issued a stark warning about the growing severity of cyber threats targeting Whitehall, stating that attacks are “advancing quickly” and government defences remain under pressure. With foreign adversaries and criminal groups increasingly focused on breaching critical government infrastructure, the report urges urgent investment in cyber resilience. The NAO highlights weaknesses in legacy systems and calls for improved incident response strategies to prevent potential large-scale breaches.
🔗 Read More
Amazon Was Sued Over Alleged ‘Backdoor Access’ to Consumer Data
Quartz by Ben Kessler
Amazon is facing a lawsuit over allegations that it provided unauthorised “backdoor access” to consumer data, raising fresh concerns about privacy and data security. The lawsuit claims that Amazon allowed third parties, including government agencies, to access user information without explicit consent. Amazon has denied the allegations, stating that it adheres to strict privacy policies. The case highlights ongoing tensions between tech companies, regulators, and privacy advocates over data access and consumer rights.
🔗 Read More
$6.4M to Combat Health Sector Cyber Threat
InnovationAus by Brandon How
The Australian government has allocated $6.4 million to bolster cybersecurity in the health sector amid rising cyber threats targeting hospitals and medical institutions. The funding will be used to enhance digital security frameworks, improve threat intelligence sharing, and support response capabilities. With the healthcare industry increasingly in the crosshairs of ransomware gangs and nation-state actors, officials stress the importance of proactive measures to safeguard patient data and ensure operational resilience.
🔗 Read More
Engineering Giant Smiths Group Discloses Security Breach
BleepingComputer by Sergiu Gatlan
Smiths Group, a global engineering firm, has confirmed a security breach affecting its corporate network. The company has not disclosed the full scope of the attack but stated that it is working with cybersecurity experts to investigate and mitigate any damage. While operational disruptions appear limited, the breach underscores the ongoing targeting of industrial and engineering firms by cybercriminals. Businesses in critical infrastructure sectors are urged to fortify their defences against increasingly sophisticated cyber threats.
🔗 Read More
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
The Hacker News by Ravie Lakshmanan
Security researchers have uncovered a vulnerability in OAuth-based authentication systems used by major airlines, potentially exposing millions of travellers to account hijacking. Attackers could exploit the flaw to redirect users to malicious websites, stealing login credentials and personal data. Affected airlines are rushing to patch the issue, but the incident raises broader concerns about the security of third-party authentication integrations. Experts recommend enabling multi-factor authentication and being cautious of unexpected login requests.
🔗 Read More
Security Pros More Confident About Fending Off Ransomware, Despite Being Battered by Attacks
The Register by Connor Jones
A new industry report reveals that while security professionals remain under relentless ransomware attack, their confidence in their ability to mitigate threats has increased. Improved detection tools, better incident response plans, and stronger employee training are credited for this shift. However, experts caution that overconfidence could lead to complacency, as ransomware tactics continue to evolve. Organisations are urged to maintain vigilance and continuously update their cybersecurity strategies.
🔗 Read More
DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge
Security Week by Eduard Kovacs
AI chatbot provider DeepSeek has blamed a recent service disruption on a cyberattack, raising further concerns after security researchers flagged vulnerabilities in its platform. The incident has drawn regulatory scrutiny, with officials questioning the company’s security measures and user data protection practices. While DeepSeek has implemented emergency fixes, the event underscores the growing cybersecurity risks tied to AI-driven platforms and the need for robust protections.
🔗 Read More
Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations
The Hacker News by Ravie Lakshmanan
A newly discovered ransomware campaign is exploiting ESXi hypervisors using stealthy SSH tunnels to maintain persistent command-and-control (C2) operations. By targeting virtualisation infrastructure, attackers can maximise disruption while evading traditional security measures. The attack highlights the increasing focus on ESXi environments by ransomware groups, underscoring the need for organisations to harden hypervisor security, monitor for unusual SSH activity, and enforce strict access controls.
🔗 Read More
Origin Energy Fined $1.6M After Sharing Private Details of Family Violence Victims
The Guardian via Australian Associated Press
Origin Energy has been fined $1.6 million after it was found to have improperly disclosed the personal details of family violence survivors. The breach, which violated privacy and safety protections, has drawn sharp criticism from consumer advocacy groups. Regulators emphasise that organisations handling sensitive information must implement stricter data protection measures to prevent further harm. The case serves as a stark reminder of the real-world consequences of data mishandling, particularly for vulnerable individuals.
🔗 Read More
How Long Does It Take Hackers to Crack Modern Hashing Algorithms?
The Hacker News
A new analysis reveals how quickly hackers can crack modern hashing algorithms, with weaker hashes like MD5 and SHA-1 being compromised in mere seconds. Even stronger algorithms, like bcrypt, can be cracked given enough computing power, particularly with AI-assisted brute force techniques. The findings highlight the importance of using complex, long passwords, enabling multi-factor authentication, and adopting newer hashing standards like Argon2. Organisations must stay ahead of evolving attack methods to protect sensitive credentials.
🔗 Read More
Network Security Tool Defects Are Endemic, Eroding Enterprise Defense
Cybersecurity Dive by Matt Kapko
A new study has found that security tools meant to protect networks often contain critical vulnerabilities themselves, creating gaps in enterprise defences. Misconfigurations, outdated software, and reliance on legacy systems exacerbate these weaknesses. The report calls for organisations to conduct continuous security assessments, patch vulnerabilities promptly, and implement layered defences to reduce risk. As attackers increasingly target security tools themselves, proactive monitoring and auditing are essential to maintaining a strong security posture.
🔗 Read More
White House Evaluates China AI App DeepSeek’s Effect on National Security
itNews by Andrea Shalal and David Shepardson
The Trump administration is assessing whether China’s AI-powered chatbot, DeepSeek, poses a national security risk. Officials are concerned about potential data privacy violations and AI-driven misinformation campaigns. With growing tensions between the U.S. and China over AI dominance, this review could lead to tighter restrictions on Chinese AI technologies. The outcome may also set a precedent for how governments regulate foreign AI systems, especially those with access to large-scale user data.
🔗 Read More
USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave
Dark Reading by Elizabeth Montalbano
Cybercriminals are using PDF attachments in smishing campaigns that impersonate the U.S. Postal Service (USPS), tricking victims into revealing personal and financial details. The attack exploits users’ trust in official-looking documents, bypassing basic phishing detection measures. Security experts warn that PDF-based phishing is on the rise, as it can evade email security filters. Users are advised to verify sender details, avoid clicking on unsolicited links, and use multi-factor authentication to protect their accounts.
🔗 Read More
Bitwarden Makes It Harder to Hack Password Vaults Without MFA
BleepingComputer by Bill Toulas
Bitwarden has introduced new security measures that make it significantly harder for attackers who have stolen or bypassed credentials to break into password vaults. By requiring additional authentication checks for high-risk actions and for accounts without multi-factor authentication (MFA), the update aims to reduce unauthorised access. Security experts praise the move, though they continue to stress that MFA remains essential for securing online accounts. Users are encouraged to enable MFA to maximise protection.
🔗 Read More
Someone Is Slipping a Hidden Backdoor into Juniper Routers Across the Globe, Activated by a Magic Packet
The Register by Jessica Lyons
Security researchers have discovered a covert backdoor in Juniper routers that can be remotely activated with a specially crafted “magic packet.” The backdoor, found in multiple locations worldwide, allows attackers to gain persistent access without detection. It remains unclear whether this is the work of nation-state actors or cybercriminals, but experts warn of potential espionage or large-scale cyberattacks. Network administrators are urged to apply the latest firmware updates and monitor unusual traffic patterns.
🔗 Read More
Analysis:
Cyber Insights 2025: Cyberinsurance – The Debate Continues
Security Week by Kevin Townsend
The debate over the role and sustainability of cyberinsurance is heating up as 2025 approaches. With ransomware payouts surging and insurers tightening requirements, businesses are facing higher premiums and more stringent security mandates. Some argue that cyberinsurance incentivises better security practices, while others warn it creates a false safety net. This analysis explores how the cyberinsurance market is evolving, the increasing role of regulatory pressure, and whether businesses can still rely on policies as a viable risk management strategy.
🔗 Read More
The Risks of Politicising Europe’s Tech Laws
PrivID (Substack)
As Europe’s regulatory landscape tightens, concerns are mounting over the growing politicisation of tech laws. Policymakers are increasingly using cybersecurity and data protection as geopolitical tools, creating inconsistencies in enforcement and compliance burdens for businesses. This analysis explores the long-term risks of over-regulating the sector, including stifling innovation and creating regulatory fragmentation. The piece calls for a balanced approach that prioritises security without undermining Europe’s tech competitiveness.
🔗 Read More
The Growing Complexity of Global Cybersecurity: Moving from Challenges to Action
World Economic Forum by Akshay Joshi
Cybersecurity threats are outpacing traditional defense mechanisms, and global leaders are being urged to shift from reactive to proactive security strategies. This WEF report outlines key steps businesses and governments must take, including strengthening international cyber cooperation, investing in resilience, and prioritising cyber hygiene at all levels. The report also highlights how emerging technologies like AI and quantum computing will further reshape the threat landscape. The takeaway? Cybersecurity must evolve as fast as the threats it seeks to combat.
🔗 Read More
The Cybersecurity Skills Gap Reality: We Need to Face the Challenge of Emerging Tech
CSO by Jon Oltsik
The cybersecurity skills gap is widening, and with AI, quantum computing, and new attack vectors emerging, the challenge is becoming more urgent. This analysis explores why existing training and recruitment models are failing to keep pace with technological change. Industry leaders argue that businesses must rethink hiring strategies, invest in continuous upskilling, and embrace automation to offset the shortage. Without intervention, the talent gap will continue to grow, leaving organisations vulnerable to increasingly sophisticated cyber threats.
🔗 Read More
CyAN Members Op-Eds, Articles, etc.:
Identity: The New Perimeter for Organisational Cybersecurity in the Age of Competitive AI
CyAN Blog by Joe Cozzupoli
CyAN member Joe Cozzupoli explores why identity is becoming the new frontline of cybersecurity, especially as AI-driven threats evolve. With traditional network perimeters fading, organisations must prioritise identity security to defend against credential theft, AI-powered deepfake attacks, and insider threats. Joe highlights the need for robust identity management frameworks, zero-trust principles, and continuous authentication to stay ahead of emerging risks. As AI reshapes the cyber landscape, securing identity isn’t just about access—it’s about resilience.
🔗 Read More
Beyond Data Protection Day: Safeguarding Our Digital Lives Every Day
Kim Chandler McDonald
In this insightful piece, CyAN global VP Kim Chandler McDonald argues that data privacy shouldn’t be a one-day-a-year conversation. While Data Protection Day serves as a reminder of digital rights and responsibilities, true security requires ongoing vigilance. Kim explores the increasing risks to personal and corporate data, the need for stronger privacy frameworks, and practical steps individuals and organisations can take to strengthen data sovereignty. The message is clear: cybersecurity isn’t a checkbox—it’s a continuous commitment.
🔗 Read More
Upcoming CyAN Global Events:
- AI Global Everything, Dubai, UAE: 4-6 February
  🔗 More Info
- CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence – Keynote by Dan Elliot
  📅 March 12, Peoplebank, Sydney
  (Initial tickets will be by invitation only for CyAN members, general release tickets available soon!)
- GITEX AFRICA, Marrakesh, Morocco: 14-16 April
  🔗 More Info
- GITEX ASIA, Singapore (Marina Bay Sands): 23-25 April
  🔗 More Info
- GISEC, Dubai World Trade Center, Dubai, UAE: 6-8 May
  🔗 More Info
- The Cyber Outstanding Security Performance Awards (Cyber OSPAs), London, UK: May 8
  🔗 More Info
- MaTeCC, Rabat, Morocco: 7-9 June 2025
  (The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)
  🔗 More Info