Cyber (In)Securities – Issue 122

CyAN

Information Security News:

TSA’s Airport Facial-Recog Tech Faces Audit Probe
The Register by Brandon Vigliarolo
The U.S. Transportation Security Administration’s (TSA) facial recognition program is under audit by the Government Accountability Office (GAO) due to concerns over privacy, data security, and potential biases. The audit will assess how biometric data is collected, stored, and shared, and whether passengers can meaningfully opt out. Critics warn of surveillance overreach and hacking risks, while TSA argues the technology improves security and efficiency. The findings could impact future airport screening policies and the broader use of facial recognition in public spaces.

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits
SecurityWeek by Ryan Naraine
The XE Group, a long-standing cybercrime syndicate, has shifted tactics from credit card skimming to exploiting zero-day vulnerabilities, targeting unpatched software in enterprise environments. Security researchers report that the group is now leveraging undisclosed flaws to gain initial access, escalating their operations to ransomware and espionage. This move highlights a broader trend of financially motivated threat actors abandoning low-level fraud in favour of more lucrative, high-impact cyberattacks. Organisations are urged to prioritise patching, threat intelligence, and zero-trust security models to mitigate risks.

1-Click Phishing Campaign Targets High-Profile X Accounts
Dark Reading by Elizabeth Montalbano
A new phishing campaign is compromising high-profile X (formerly Twitter) accounts through a one-click attack, bypassing traditional credential theft methods. Victims, including journalists, celebrities, and corporate brands, are tricked into clicking malicious links that instantly hijack their accounts. Attackers then use these accounts for scams, misinformation, and crypto fraud. Experts warn that multi-factor authentication alone may not prevent this attack, urging users to verify all communications and scrutinise links before clicking, as social media remains a prime battleground for cyber threats.

DeepSeek AI Tools Impersonated by Infostealer Malware on PyPI
BleepingComputer by Bill Toulas
Cybercriminals are impersonating DeepSeek AI tools on the Python Package Index (PyPI) to distribute infostealer malware, targeting developers and researchers. These malicious packages, once installed, steal credentials, exfiltrate sensitive data, and install backdoors into infected systems. The attack underscores ongoing software supply chain threats, as open-source repositories remain a prime target for abuse. Security experts recommend verifying maintainers, auditing dependencies, and using automated tools to detect rogue packages before they compromise development environments.

Elon Musk’s Doge Team Granted ‘Full Access’ to Federal Payment System
The Guardian by Ed Pilkington
Concerns over centralisation and oversight are mounting after reports revealed that Elon Musk’s Doge team was given full access to the U.S. federal payment system. Critics warn that such consolidation of power could create significant security and accountability risks, particularly with Musk’s history of controversial decision-making. While the move is framed as a step toward efficiency, regulators and lawmakers are now questioning how this level of access was granted and what safeguards, if any, are in place to prevent misuse or vulnerabilities in critical government financial infrastructure.

Privacy Commissioner Warns the ‘John Smiths’ of the World Can Acquire ‘Digital Doppelgangers’
The Register by Simon Sherwood
Australia’s Privacy Commissioner has raised alarms about how easily individuals can assume false digital identities using personal data scraped from the internet. With AI-powered fraud techniques evolving, impersonation attacks are becoming more common. Criminals can now create ‘digital doppelgangers’ to bypass authentication measures, defraud businesses, or manipulate online reputation. This warning underscores the need for stronger identity verification standards, better consumer awareness, and policy changes to curb the abuse of publicly available personal data for nefarious purposes.

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
The Hacker News by Ravie Lakshmanan
A notorious cybercriminal group dubbed ‘Crazy Evil’ is intensifying its attacks on cryptocurrency users, deploying a trifecta of malware—StealC, AMOS, and Angel Drainer. These threats work together to hijack digital wallets, steal credentials, and drain funds from unsuspecting users. The rise of these sophisticated malware strains highlights the increasing risks in the crypto space, where decentralised finance platforms and individual investors remain prime targets. Experts warn that without robust security practices and improved scam awareness, crypto holders will continue to be lucrative prey for cybercriminals.

FBI Attacks ‘The Manipulaters’ As Hackers Impact 17 Million Americans
Forbes by Davey Winder
The FBI has launched a major crackdown on a cybercriminal group known as ‘The Manipulaters,’ responsible for breaching sensitive records of 17 million Americans. This operation marks a significant step in tackling large-scale data theft, with the hackers accused of running sophisticated phishing campaigns and credential-stuffing attacks. The FBI’s intervention highlights the growing threat of mass-scale identity fraud and the urgent need for better consumer protection against cybercriminals leveraging automated attack methods to compromise vast amounts of personal data.

Gilmore Girls Fans Nabbed as Eurocops Dismantle Two Major Cybercrime Forums
The Register by Connor Jones
European law enforcement has dismantled two major cybercrime forums, leading to multiple arrests—including individuals who oddly identified as Gilmore Girls fans. The sites facilitated data breaches, malware distribution, and stolen data sales, making them prime hubs for cybercriminal activity. This operation highlights the increasing effectiveness of international law enforcement in taking down illicit online marketplaces and reinforces the importance of cross-border collaboration in tackling cyber threats.

AI Tools Used for Child Sexual Abuse Images Targeted in Home Office Crackdown
The Guardian by Michael Savage
The UK Home Office is intensifying efforts to combat AI-generated child sexual abuse images, a growing concern in the digital age. Generative AI tools now allow criminals to create illegal material at scale, evading traditional detection methods. The crackdown signals a push for tighter regulation and proactive enforcement to prevent AI from being exploited by predators. With technology evolving faster than legislation, experts warn that more comprehensive frameworks are needed to keep up with the risks AI poses in the wrong hands.

Google Says Hackers Abuse Gemini AI to Empower Their Attacks
BleepingComputer by Bill Toulas
Threat actors linked to China and Iran are leveraging Google’s Gemini AI to improve their hacking techniques, generating malicious scripts and refining phishing campaigns. This revelation amplifies concerns about AI being weaponised to enhance cyber threats, raising difficult questions about restricting access to advanced AI models. With cybersecurity experts calling for stronger guardrails, tech companies face growing pressure to develop AI tools that balance innovation with security, preventing them from becoming tools of cyber warfare.

A Man Stalked a Professor for Six Years. Then He Used AI Chatbots to Lure Strangers to Her Home
The Guardian by Katie McQue
A man who stalked a professor for six years escalated his harassment by using AI chatbots to impersonate her online and lure strangers to her home. The case illustrates how AI can be weaponised for harassment, fraud, and identity theft, pushing the need for legal protections and AI safeguards. While chatbots offer convenience and efficiency, their potential for abuse remains a serious concern, raising ethical questions about responsibility when AI is misused in harmful ways. Stronger AI governance is needed to prevent similar incidents.

DeepSeek Jailbreak Reveals Its Entire System Prompt
Dark Reading by Nate Nelson
A jailbreak of China’s DeepSeek AI has revealed its internal system prompt, exposing operational secrets and potential security gaps. This discovery raises concerns about AI transparency, adversarial exploitation, and the ease with which these models can be manipulated. As governments and companies race to develop more powerful AI, security vulnerabilities like this highlight the risks of inadequate safeguards. The leak also underscores the challenges of maintaining AI integrity, as unauthorised modifications could be used to manipulate outputs for malicious purposes.

Bill Requiring Federal Contractors to Have Vulnerability Disclosure Policies Gets House Redo
CyberScoop by Matt Bracken
The Strengthening Cybersecurity for the [US] Federal Government Act is back on the table, mandating that all federal contractors implement vulnerability disclosure policies (VDPs). These policies ensure that security flaws are reported and addressed before they can be exploited by attackers. With rising cyber threats targeting government suppliers, lawmakers argue that the bill will close critical security gaps and enforce consistent standards across agencies. The legislation aligns with broader federal efforts to tighten cybersecurity compliance, reducing risks in sectors handling sensitive data and critical infrastructure. If passed, contractors will need to proactively identify and mitigate vulnerabilities to retain government contracts.

Even the US Government Can Fall Victim to Cryptojacking
FedScoop by Rebecca Heilweil & Tim Starks
A new report reveals that even US government networks have been compromised by cryptojacking—where hackers hijack computing resources to mine cryptocurrency. These attacks exploit vulnerabilities in cloud infrastructure, slowing operations and increasing costs. The incidents demonstrate how financially motivated cybercriminals are shifting tactics, using low-profile attacks to generate passive income. Experts warn that cryptojacking is an underreported but growing concern, urging organisations to monitor for unusual CPU usage and unauthorised mining scripts.

Indian Tech Giant Tata Technologies Hit by Ransomware Attack
BleepingComputer by Bill Toulas
Indian IT giant Tata Technologies was hit by a ransomware attack, disrupting operations across multiple regions. The breach underscores the persistent threat of ransomware to enterprises, particularly those in critical supply chains. Cybercriminals continue to target major corporations with financially motivated extortion schemes, demanding hefty ransoms for decryption keys. This incident reinforces the need for robust incident response plans, improved cybersecurity training, and resilient backup strategies to mitigate operational disruptions and financial losses.

Italy Blocks Access to the Chinese AI Application DeepSeek to Protect Users’ Data
SecurityWeek via Associated Press
Citing data protection concerns, Italy has blocked access to China’s DeepSeek AI, joining a growing list of nations scrutinising AI-powered services over potential privacy violations. The decision underscores global apprehension about how AI applications handle and store user data, with fears of mass surveillance and regulatory breaches fueling stricter policies. As AI continues to evolve, more governments are expected to implement preemptive bans and security reviews to protect citizens from opaque AI-driven data collection.

US, Dutch Authorities Disrupt Pakistani Hacking Shop Network
SecurityWeek by Ionut Arghire
Authorities in the US and the Netherlands have taken down a Pakistani cybercriminal network involved in hacking and online fraud. The operation marks a significant victory in the fight against transnational cybercrime, demonstrating the importance of intelligence-sharing in dismantling illicit digital operations. With cybercriminal networks operating across borders, these joint efforts are becoming increasingly essential in tackling sophisticated cyber threats that impact governments, businesses, and individuals worldwide.

US Healthcare Provider Data Breach Impacts 1 Million Patients
BleepingComputer by Sergiu Gatlan
A major healthcare provider in the US has suffered a data breach affecting over one million patients. The breach exposed sensitive medical records, putting personal and financial information at risk. Healthcare remains a prime target for cybercriminals due to the high value of patient data on the black market. This latest attack underscores the urgent need for stronger cybersecurity measures in the sector, as well as better regulatory enforcement to ensure patient data is properly protected from increasingly sophisticated cyber threats.

Once-Secret Treasury Memos Detail Agency Response to SolarWinds Hack
Bloomberg by Jason Leopold
Recently declassified Treasury Department memos reveal internal discussions and responses to the SolarWinds cyberattack, one of the largest espionage campaigns in history. The documents show how officials scrambled to assess the damage and mitigate risks after discovering that Russian hackers had infiltrated multiple federal agencies. The memos highlight gaps in federal cybersecurity preparedness and the challenges of responding to nation-state attacks at scale. This insight into government decision-making underscores the ongoing need for improved threat detection and rapid response frameworks.

FDA, CISA Warn About Vulnerabilities in Patient Health Monitors
Cybersecurity Dive by Nick Paul Taylor
The FDA and CISA have issued a joint advisory about security flaws in several widely used patient monitoring devices. These vulnerabilities could allow attackers to access or disrupt medical devices, potentially putting patients’ lives at risk. As healthcare technology becomes increasingly connected, the risk of cyberattacks targeting medical devices grows. The advisory urges manufacturers to address security gaps proactively and stresses the importance of regulatory oversight in ensuring patient safety in an era of digital health transformation.

WhatsApp Says It Disrupted Spyware Campaign Aimed at Reporters, Civil Society
CyberScoop by Tim Starks
WhatsApp has disrupted a sophisticated spyware campaign targeting journalists and civil society members, reportedly linked to the Israeli firm Paragon. The attackers used zero-click exploits, meaning victims could be infected without taking any action. This case highlights the ongoing threat of commercial spyware and the risks posed to activists and reporters. While WhatsApp has bolstered its security, the persistence of these attacks underscores the need for broader legislative action against spyware vendors and stronger international cooperation to combat digital surveillance abuses.

Analysis

Cyber Insights 2025: Quantum and the Threat to Encryption
SecurityWeek by Kevin Townsend
Quantum computing is advancing faster than anticipated, posing a serious threat to modern encryption standards. Experts warn that once quantum systems reach a certain threshold, they could break widely used cryptographic protections, exposing sensitive data across industries. Governments and cybersecurity researchers are racing to develop quantum-resistant encryption, but adoption lags behind the technology’s rapid development. Organisations must begin assessing their cryptographic resilience now to avoid a future where quantum-powered cyberattacks render current security frameworks obsolete.

What Does It Mean to Build in Security from the Ground Up?
The Register by Larry Peterson
Despite years of warnings, many organisations still treat security as an afterthought, bolting it on at the end rather than integrating it from the start. This reactive approach leaves systems vulnerable and increases costs when security flaws must be patched later. The article explores why businesses continue to prioritise convenience, speed, and usability over cybersecurity and the risks this poses. With increasing cyber threats, regulatory demands, and consumer expectations, companies must shift towards proactive security strategies to build resilient, trustworthy digital ecosystems.

5 Risk Factors from Supply Chain Interdependencies in a Complex Cybersecurity Landscape
World Economic Forum by Akhilesh Tuteja
Cybercriminals are increasingly exploiting supply chain vulnerabilities to infiltrate organisations, making third-party risks a major security concern. From compromised software dependencies to unvetted suppliers, businesses are often unaware of weak links in their supply chains. This article breaks down the top five risk factors contributing to supply chain insecurity and offers practical strategies to mitigate them. As cybercriminal tactics grow more sophisticated, companies must implement stronger security assessments, enforce compliance standards, and build resilience into their vendor ecosystems to prevent costly breaches.

CISO Stature Gains Traction as Global Cyber Risk Escalates
Cybersecurity Dive by David Jones
Once relegated to back-office IT roles, Chief Information Security Officers (CISOs) are now gaining prominence in boardrooms as cyber threats escalate. The rise in ransomware attacks, regulatory scrutiny, and the increasing financial stakes of breaches have made cybersecurity a core business concern. But with increased influence comes heightened expectations—CISOs must now balance risk management, compliance, and business strategy while justifying security investments to executives. This article explores how the CISO role is evolving, the challenges they face, and what businesses must do to support them in protecting their digital assets.

Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
Dark Reading by Chris “CT” Thomas
AI-driven cybersecurity solutions are becoming essential in the fight against increasingly complex cyber threats. However, concerns around transparency, reliability, and adversarial manipulation of AI models remain. This analysis examines whether initiatives like the Cyber Trust Mark can provide the assurances needed to rebuild confidence in endpoint security. As cybercriminals experiment with AI-powered attacks, security teams must evaluate whether AI defences can keep up. The piece explores the potential of AI in securing enterprise environments while addressing the challenges of bias, explainability, and resistance to adversarial manipulation.

Third-Party Delegation: Striking the Balance Between Risk, Trust, and Control
IT Security Guru by Kirsten Doyle
Delegating access to third parties is essential in modern business operations, but it comes with significant risks. Unauthorised access, poor security hygiene, and lack of oversight can lead to devastating breaches. This article explores how companies can establish strong third-party risk management frameworks to mitigate threats while maintaining operational efficiency. By striking the right balance between trust and control, organisations can ensure secure collaborations without exposing themselves to unnecessary vulnerabilities.

State Data Privacy Regulators Are Coming. What Story Will You Tell Them?
Dark Reading by Becky Bracken
As data privacy regulators increase enforcement actions, businesses need to be ready to justify how they collect, store, and use customer data. This article explores the evolving regulatory landscape and the steps companies must take to align with new compliance expectations. Transparency, accountability, and ethical data management are now non-negotiable, with organisations expected to demonstrate responsible data stewardship. The ability to articulate a strong compliance narrative can mean the difference between building consumer trust and facing regulatory penalties. With governments worldwide strengthening privacy laws, companies that fail to prepare risk costly fines, reputational damage, and legal battles.

CyAN Members Op Eds, Articles, etc:

The Hidden Cyber Risks Lurking in Supply Chains: What Every Business Leader Needs to Know
Kim Chandler McDonald
CyAN Global VP Kim Chandler McDonald examines the increasing dangers of AI-driven harassment, including deepfake manipulation, cyberstalking, and automated abuse. Highlighting real-world cases where AI tools have been weaponised, disproportionately targeting women and vulnerable groups, her article calls for urgent regulatory action and proactive industry collaboration to mitigate these risks. Kim stresses that AI developers must embed protective measures from the outset rather than attempting to address harm retroactively.

AI Global Everything, Dubai, UAE: February 4-6

Upcoming CyAN Global Events

Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience Webinar, March 6
(EST 6AM, CET 12PM, AEST 10PM)

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence Keynote by Dan Elliot, March 12
Location: Peoplebank, Sydney (Save the date, general release tickets available soon!)

GITEX AFRICA, Marrakesh, Morocco: April 14-16

GITEX ASIA: Singapore (Marina Bay Sands) April 23-25

GISEC: Dubai World Trade Center, Dubai, UAE: May 6-8

The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK

MaTeCC: Rabat, Morocco, June 7-9, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)