Tag: cybernews

Cyber (In)Securities – Issue 132

Information Security News

Elon Musk’s Starlink Could Be Used to Transmit Australian Election Voting Results

The Guardian by Josh Taylor
The Guardian reports that Elon Musk’s satellite internet service, Starlink, is being considered as a potential method to transmit voting results in Australian elections. This proposal

Cyber (In)Securities – Issue 131

Information Security News

EU Looks to Tech Sovereignty with EuroStack Amid Trade War

Biometric Update by Masha Borak
The European Union is making significant strides towards tech sovereignty with the development of EuroStack, a comprehensive technology initiative aimed at reducing dependence on foreign tech giants amid

Cyber (In)Securities – Issue 130

Information Security News

House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies

SecurityWeek by Eduard Kovacs
The U.S. House of Representatives has recently passed a bill that mandates federal contractors to establish vulnerability disclosure policies. This legislative move aims to strengthen the security of federal digital assets by ensuring that vulnerabilities are systematically reported and addressed. The bill stipulates clear guidelines for contractors on how to manage and respond to reported vulnerabilities effectively.
This initiative underscores the government’s commitment to bolstering national cybersecurity infrastructure and fostering a more secure cyber environment for public and private sector collaborations.

Ethereum Private Key Stealer on PyPI Downloaded Over 1,000 Times

BleepingComputer by Bill Toulas
A malicious package designed to steal Ethereum private keys was recently discovered on the Python Package Index (PyPI), downloaded over 1,000 times before its removal. This deceptive package, masquerading as a legitimate tool, underscores the growing threat in software supply chains where attackers exploit trust to distribute malware.
The incident highlights the critical need for developers and users to exercise heightened vigilance when integrating third-party code, emphasizing the importance of verifying sources and maintaining rigorous security protocols to safeguard sensitive cryptocurrency assets.

Women Faced the Brunt of Cybersecurity Cutbacks in 2024

Dark Reading by Kristina Beek
In 2024, the cybersecurity industry witnessed significant cutbacks that disproportionately impacted women, exacerbating existing gender disparities in tech roles. These reductions not only led to fewer women in cybersecurity positions but also stalled efforts toward achieving diversity and inclusivity within the sector.
The situation calls for urgent implementation of supportive measures and policies aimed at recruiting, retaining, and advancing women in technology, particularly in cybersecurity fields. Enhancing gender diversity is not just a matter of equity; it enriches problem-solving and strengthens the overall resilience of cybersecurity defenses, making it imperative for the industry to address these challenges proactively.

Malicious Chrome Extensions Can Spoof Password Managers in New Attack

BleepingComputer by Bill Toulas
Recent reports have identified a new type of cyber attack involving malicious Chrome extensions that can impersonate legitimate password managers. These deceptive extensions are capable of stealing login credentials by tricking users into inputting their information, believing they are using their trusted password management tools.
This emerging threat highlights the necessity for users to scrutinize browser extensions carefully before installation and emphasizes the importance of sourcing extensions from reputable developers only. It also calls for enhanced security measures by browser and extension marketplaces to prevent such malicious activities.

BadBox Botnet Powered by 1 Million Android Devices Disrupted

SecurityWeek by Ionut Arghire
The BadBox botnet, which harnessed the power of over 1 million compromised Android devices, has recently been disrupted. This vast network was used for large-scale DDoS attacks and other malicious activities, posing significant threats to online security.
The disruption marks a significant victory for cybersecurity teams, highlighting the effectiveness of coordinated efforts in combating such extensive cyber threats. It also underscores the ongoing need for robust mobile device security measures and public awareness about the risks of downloading unverified applications, which often serve as entry points for malware.

Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access

The Hacker News by Ravie Lakshmanan
More than 1,000 WordPress sites have been compromised with JavaScript backdoors, allowing attackers persistent and covert access. This widespread issue highlights a significant vulnerability in website security, particularly affecting sites with outdated plugins or weak admin credentials.
The malicious JavaScript enables cybercriminals to manipulate site content, steal data directly from users, and potentially leverage the sites for further attacks. This situation calls for immediate action from site administrators to update and secure their systems, implement stringent security measures such as regular audits, and educate users on the importance of strong password policies and regular updates to prevent future breaches.

Ransomware Attacks Build Against Saudi Construction Firm

Dark Reading Global by Robert Lemos
A Saudi construction firm is currently under siege from a series of escalating ransomware attacks, highlighting a significant vulnerability within the infrastructure sector. These attacks not only threaten the operational continuity and data integrity of the firm but also expose potential security lapses in industry-wide cybersecurity practices.
The situation underscores the critical need for robust cybersecurity measures, including regular system updates, comprehensive employee training, and advanced threat detection mechanisms. It also calls for a collaborative approach to cybersecurity, with increased sharing of threat intelligence and best practices within the sector to mitigate future risks.

Espionage Actor ‘Lotus Blossom’ Targets Southeast Asia

Dark Reading by Alexander Culafi
The espionage group known as ‘Lotus Blossom’ continues to intensify its cyber espionage efforts across Southeast Asia. Leveraging sophisticated tactics, the group targets government and military sectors to gather sensitive information that could influence regional security dynamics.
This persistent threat underscores the critical need for heightened cybersecurity measures within these sectors. Enhanced vigilance, advanced threat detection systems, and continuous cybersecurity training are imperative to defend against such state-sponsored activities and to safeguard national security interests in the region.

SandboxAQ Joins UN AI Hub to Bolster Cybersecurity and Drive AI Innovation

IT Security Guru
SandboxAQ has partnered with the UN AI Hub to enhance global cybersecurity measures and foster innovation in artificial intelligence. This collaboration aims to leverage SandboxAQ’s expertise in quantum computing and AI to develop solutions that address critical security challenges faced by nations worldwide.
By integrating advanced AI technologies, the partnership seeks to create more resilient cybersecurity infrastructures and drive technological advancements that benefit global security and governance. This initiative not only highlights the potential of AI in enhancing cybersecurity but also emphasizes the importance of international cooperation in tackling complex digital threats.

US Indicts 12 Chinese Nationals for Vast Espionage Attack Spree

Cyberscoop by Matt Kapko
The United States has indicted 12 Chinese nationals in connection with a comprehensive espionage operation targeting sensitive U.S. industrial and technological sectors. This sweeping indictment underscores the ongoing geopolitical tensions and the extensive nature of state-sponsored cyber espionage activities.
The accused are alleged to have conducted sophisticated cyber operations to steal trade secrets and critical data, compromising national security and the competitive edge of U.S. businesses. The case highlights the critical need for robust cyber defences and international collaboration to combat these high-stakes threats.

Open-Source Tool ‘Rayhunter’ Helps Users Detect Stingray Attacks

BleepingComputer by Bill Toulas
Rayhunter, an innovative open-source tool, has been developed to empower individuals and organizations to detect Stingray attacks—covert surveillance methods that intercept mobile phone communications. This tool is particularly crucial in protecting privacy rights as it enables users to identify and mitigate unauthorized cell tower simulators used for eavesdropping.
Rayhunter’s availability underscores the importance of community-driven solutions in enhancing digital privacy and security. It represents a significant step forward in the fight against intrusive surveillance technologies, offering a proactive approach to safeguard personal communications.

Major Ransomware Attack Sees Tata Technologies Hit – 1.4TB Dataset with Over 730,000 Files Allegedly Stolen

TechRadar by Ellen Jennings-Trace
Tata Technologies has been severely impacted by a major ransomware attack, resulting in the theft of approximately 1.4 terabytes of data, encompassing over 730,000 files. This significant security breach underscores the escalating threat landscape that corporations worldwide are facing.
The attack not only highlights the need for stringent cybersecurity measures but also puts a spotlight on the vulnerabilities that can be exploited in critical business infrastructures. The incident calls for an urgent review and reinforcement of digital defenses to prevent future occurrences and protect sensitive corporate information.

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

The Hacker News by Ravie Lakshmanan
Recent discoveries have revealed significant security vulnerabilities in VMware products, which have been actively exploited in the wild. These flaws could allow attackers to execute code remotely and escape from secured environments, posing severe risks to enterprises relying on VMware for their virtual infrastructure.
In response, Broadcom has swiftly released urgent patches to address these vulnerabilities. Organizations are urged to apply these security updates immediately to protect their systems from potential breaches and maintain the integrity of their operational environments. This incident highlights the ongoing need for vigilance and prompt action in the face of emerging cybersecurity threats.

Threat Actor ‘JavaGhost’ Targets AWS Environments in Phishing Scheme

Dark Reading by Alexander Culafi
The ‘JavaGhost’ threat actor is currently targeting AWS environments through a sophisticated phishing scheme designed to compromise enterprise cloud infrastructures. By exploiting vulnerabilities in AWS configurations, JavaGhost has been able to execute phishing attacks that deceive users into revealing their credentials.
This campaign underscores the importance of stringent cloud security practices, including regular audits and employee training to recognize phishing attempts. Organizations using AWS must enhance their vigilance and deploy multi-layered security measures to prevent such breaches and protect their critical cloud assets.

Congress Eyes Bigger Cyber Role for NTIA Amid Telecom Attacks

Cyberscoop by Matt Bracken
In response to increasing cyber attacks targeting the telecommunications sector, Congress is considering legislation to expand the cyber responsibilities of the National Telecommunications and Information Administration (NTIA). This move aims to bolster the United States’ defenses against sophisticated cyber threats that disrupt essential communication services.
By enhancing the NTIA’s capabilities, lawmakers hope to improve coordination across federal agencies and strengthen the resilience of critical infrastructure. The proposed changes underscore the urgency of adapting governmental cyber strategies to meet the evolving landscape of digital threats.

Cisco Warns of Webex for BroadWorks Flaw Exposing Credentials

BleepingComputer by Sergiu Gatlan
Cisco has issued a warning about a critical flaw in Webex for BroadWorks that could expose user credentials, posing a significant security risk. This vulnerability allows unauthorized access to sensitive information, potentially enabling attackers to intercept and manipulate communications.
Cisco has recommended immediate updates and has provided patches to mitigate this vulnerability. This incident highlights the continuous need for vigilance and prompt software updates in safeguarding communication tools from emerging cyber threats. Organizations are urged to apply these patches without delay to protect their data and maintain the integrity of their communication channels.

Microsoft Teams Tactics, Malware Connect Black Basta, Cactus Ransomware

BleepingComputer by Lawrence Abrams
Recent analysis has revealed that cybercriminals employing Black Basta and Cactus ransomware are leveraging Microsoft Teams as a vector for their attacks. These groups use malicious tactics, such as embedding malware within seemingly legitimate communications, to exploit the popular collaboration platform.
The use of Microsoft Teams enables these attackers to bypass traditional security measures and gain unauthorized access to corporate networks. This development calls for organizations to enhance their security protocols concerning communication tools and educate employees about the risks of malware in everyday applications, ensuring robust defenses against these sophisticated cyber threats.

New Polyglot Malware Hits Aviation, Satellite Communication Firms

BleepingComputer by Bill Toulas
A sophisticated new form of polyglot malware has been identified targeting aviation and satellite communication firms, posing significant security challenges. This malware uniquely blends multiple functionalities, allowing it to act both as a data stealer and a disruptor of communication systems.
The attacks highlight vulnerabilities within critical infrastructure sectors and underscore the urgent need for enhanced cybersecurity measures. Firms in these industries are advised to conduct thorough security audits, update their systems regularly, and train staff to recognize signs of malicious activities to safeguard against such advanced threats.

3 VMware Zero-Day Bugs Allow Sandbox Escape

Dark Reading by Jai Vijayan
Three critical zero-day vulnerabilities have been discovered in VMware software, allowing attackers to escape from virtualized environments and execute code on the host machine. These vulnerabilities pose severe risks to enterprises relying on VMware for virtualization, as they could lead to full system compromise if exploited.
VMware has responded by releasing urgent patches to address these security flaws. Organizations are strongly advised to apply these updates immediately to protect their systems from potential attacks. This incident highlights the ongoing need for proactive security practices and rapid response to emerging threats in virtualization technology.

Hunters International Ransomware Claims Attack on Tata Technologies

BleepingComputer by Bill Toulas
Tata Technologies recently fell victim to a significant ransomware attack by Hunters International, resulting in the theft of over 1.4 terabytes of sensitive data, including more than 730,000 files. This breach underscores the growing threat of ransomware attacks targeting major corporations, highlighting the potential for substantial operational disruption and financial loss.
In response to the attack, Tata Technologies is taking robust measures to bolster their cybersecurity defences and mitigate the impact of the breach. This incident serves as a critical reminder for all companies to enhance their data protection strategies and prepare for the possibility of similar cyber threats.

More than 86K IoT Devices Compromised by Fast-Growing Eleven11 Botnet

Cybersecurity Dive by David Jones
The Eleven11 botnet, a rapidly expanding network, has compromised over 86,000 IoT devices worldwide, demonstrating the increasing vulnerabilities in connected technology. This botnet exploits weak default passwords and unpatched security flaws to control devices, using them for large-scale DDoS attacks and other malicious activities.
The widespread impact underscores the critical importance of securing IoT devices with strong, unique passwords and regular firmware updates. It highlights the necessity for manufacturers and users to implement more rigorous security measures to prevent such infiltrations and protect the integrity of IoT ecosystems.

Polish Space Agency Hit by Cyberattack

SecurityWeek by Ionut Arghire
The Polish Space Agency recently experienced a significant cyberattack, highlighting vulnerabilities in national security and space exploration sectors. This breach compromised sensitive data, potentially affecting critical operations and international collaborations.
The incident emphasizes the urgent need for enhanced cybersecurity protocols and systems within agencies involved in space technology and research. It also calls for increased cooperation among international partners to bolster defenses against such sophisticated threats, ensuring the protection of vital infrastructure and information in the expanding arena of space exploration.

Big Tech Opposes YouTube Exemption from Australia’s Social Media Ban

itNews by Renju Jose
Major technology companies are challenging an exemption that would allow YouTube to operate under Australia’s proposed social media ban, citing concerns over fairness and regulatory consistency. The ban, aimed at protecting users from harmful online content, has sparked debate among tech giants, who argue that all platforms should be held to the same standards.
This opposition highlights the complexities of regulating digital platforms while ensuring competitive equity. It underscores the need for clear, equitable regulations that balance user safety with fair market practices, crucial for maintaining a healthy digital ecosystem.

ANALYSIS

Cybersecurity’s Future Is All About Governance, Not More Tools

Dark Reading by Shirley Salzman
Shirley Salzman, writing for Dark Reading, argues that the future of cybersecurity isn’t about hoarding tools but about mastering governance. While technology plays a role, true resilience comes from strong policies, risk management, and compliance frameworks that align security strategies with business objectives.
Salzman emphasizes that prioritizing governance over endless tool acquisition strengthens operational resilience, mitigates risks proactively, and ensures organizations can adapt to evolving threats. By embedding governance into cybersecurity, businesses create a security posture that’s not just reactive but strategic, scalable, and built for long-term digital defense.

Identity: The New Cybersecurity Battleground

The Hacker News
The Hacker News staff highlights identity as the new battleground in cybersecurity, with attackers shifting from exploiting system vulnerabilities to targeting user credentials. Protecting digital identities now requires more than just passwords—it demands multi-factor authentication, continuous monitoring, and behavioural analytics to detect and block unauthorized access.
As identity theft and credential-based attacks grow more sophisticated, organizations must prioritize advanced identity protection measures to safeguard individuals and digital infrastructure from evolving cyber threats.

Enterprise AI Through a Data Security Lens: Balancing Productivity With Safety

Dark Reading by Adam Strange
Writing for Dark Reading, Adam Strange emphasizes that as AI continues reshaping business operations, balancing productivity with stringent data security is critical. Organizations must embed security-first principles into AI deployments, ensuring sensitive information is protected from misuse or breaches.
Strong data governance, encryption, and access controls are essential to maintaining trust in AI-driven environments. Strange argues that without prioritizing security alongside innovation, businesses risk compromising both regulatory compliance and long-term growth in an AI-powered corporate landscape.

Tech Companies’ Proposed New Safety Codes Won’t Protect All Kids Online

InnovationAus by Toby Murray
Toby Murray of InnovationAus critiques tech companies’ proposed safety codes, arguing they fail to offer comprehensive protection for all children online. While these measures represent progress, they still leave critical gaps, particularly for vulnerable users who need the most protection.
Murray calls for stronger regulatory enforcement, ensuring platforms take real accountability rather than relying on voluntary commitments. Without broader, legally binding safeguards, children remain at risk, highlighting the urgent need for policies that prioritize child safety over corporate interests.

Cyberwarfare, Elections, and the Role of Encryption in Protecting Democracy

PrivID (Substack)
PrivID (Substack) highlights encryption as a crucial safeguard for democracy, especially as cyberwarfare threats escalate. Strong encryption protects voter data and election integrity from manipulation, ensuring that democratic outcomes remain free from interference.
Weakening these protections risks exposing electoral systems to hostile actors, eroding public trust. The analysis calls on governments to uphold robust encryption standards, reinforcing digital voting security, transparency, and resilience against cyber threats that seek to undermine democratic processes.

Why Cybersecurity Jobs Are Hard to Find Amid a Worker Shortage

Dark Reading by Andrey Leskin
Andrey Leskin of Dark Reading examines the paradox of a cybersecurity job market plagued by both a talent shortage and hiring difficulties. Despite high demand, many skilled candidates struggle to secure roles due to rigid job descriptions, unrealistic experience requirements, and a preference for niche expertise over adaptable skills.
Instead of fostering talent, companies are narrowing the pool by demanding certifications over potential. The analysis calls for a shift in hiring strategies—investing in internal development, easing entry barriers, and creating pathways for emerging professionals to bridge the cybersecurity skills gap before it widens further.

Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security

Trend Micro by Trent Holmes & Willem Gooderham
Trent Holmes and Willem Gooderham of Trend Micro uncover critical security flaws in DeepSeek-R1, exposing weaknesses in its chain-of-thought reasoning that attackers can exploit. These vulnerabilities enable adversaries to manipulate AI outputs, leading to misinformation, biased responses, or data leaks.
The findings highlight the urgent need for security-first AI development, where transparency, rigorous testing, and adversarial resilience are prioritized. Without stronger safeguards, large language models remain susceptible to manipulation, posing risks to trust, decision-making, and the ethical use of AI-driven systems.

Statistics & Insights

Highlights from This Week’s Cybersecurity Research by evisec – CRD #18

CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:

  • Ransomware payments prioritize speed over restoration: 96% of cases involve data exfiltration, but only 30% result in payments—mainly to prevent leaks or accelerate recovery, not restore systems.
  • Security careers: high pay, low retention: Over 60% of professionals consider leaving due to stagnation. Security architects earn up to $206K, but return-to-office mandates risk talent loss.
  • Hybrid work & BYOD risks: 98% of organizations report BYOD violations, with 90% allowing personal device access to corporate data, exposing security gaps.
  • Global threats surge: China-linked activity is up 150%, vishing skyrockets 442%, malware-free attacks hit 79%, and breakout times drop to 48 minutes, demanding faster response.
  • Software security paradox: OWASP pass rates double, but security debt worsens—fix times have increased fivefold in 15 years despite improved critical risk mitigation.

For a deeper dive on these topics and other data-led insights, explore the latest Cybersecurity Research Digest.

CyAN Members: Op Eds, Articles, etc:

CyAN’s Position on Encryption Backdoor Legislation

CyAN Staff
CyAN firmly opposes encryption backdoors, warning that such policies undermine global cybersecurity. While governments argue they are necessary for law enforcement, the reality is they create systemic vulnerabilities that can be exploited by cybercriminals and hostile nation-states.
Weakening encryption doesn’t just affect criminals—it puts businesses, critical infrastructure, and everyday users at risk. Instead of compromising security, CyAN advocates for stronger encryption policies that protect privacy, safeguard data integrity, and ensure a more resilient digital landscape without handing malicious actors an easy entry point.

Phishing, Smishing, and Quishing—How Many Ways Can We Get Scammed?

CyAN Blog by Fel Gayanilo
CyAN Gen Sec Fel Gayanilo dives into the ever-expanding world of digital scams, where cybercriminals exploit email (phishing), SMS (smishing), and QR codes (quishing) to trick users into handing over sensitive data.
As fraud tactics evolve, so must our defenses. Many scams rely on urgency and deception, preying on human instincts rather than technical vulnerabilities. Fel emphasizes the importance of skepticism, user awareness, and layered security to mitigate these threats.
The best defense? Think before you click—because in today’s cyber landscape, convenience often comes with a hidden cost.

Dynamic Resilience: A Framework for Synergizing Operational Agility and Economic Security in the Era of Digital Transformation

CyAN Blog by Rupesh Shirke
CyAN explores Dynamic Resilience, a strategy that merges cybersecurity, business agility, and economic security to help organizations navigate digital transformation without increasing risk.
As cyber threats evolve, businesses must move beyond static defenses and embrace flexible security frameworks that adapt in real time. The key lies in balancing innovation with proactive risk management, ensuring security measures scale with technological advancements.
By integrating security into operational agility, organizations can sustain growth, safeguard assets, and maintain resilience in an unpredictable digital landscape.

Opinion: Encryption Back Doors Are Dumb.

CyAN Blog by John Salomon
CyAN Communications and Mentorship Director John Salomon, writing for the CyAN blog, dismantles the argument for encryption backdoors, bluntly stating that they are a fundamentally flawed and dangerous idea.
While governments argue for access in the name of law enforcement, Salomon warns that weakening encryption creates systemic vulnerabilities that cybercriminals and hostile actors will inevitably exploit. He emphasizes that encryption is not just about privacy—it underpins national security, financial stability, and critical infrastructure.
The article makes a clear case: breaking encryption to catch criminals ultimately puts everyone at risk.

CyAN Member’s News

We’re immensely proud to share that Dan Elliott, a highly valued member of our CyAN community and an internationally acclaimed cybersecurity advisor, is a finalist in the 2025 Australian Cyber Awards! 🏆

Dan has been recognized in the Cybersecurity Professional of the Year – Professional and Financial Services category. His nomination is a testament to his dedication to the field, his commitment to collaboration with clients and peers, and his passion for sharing his extensive experience across the sector. Join us in celebrating this well-deserved recognition!

🔗 Read more: Dan Elliott’s LinkedIn Post

Dan Elliott at AISA CyberCon Canberra

On March 18th, Dan will also be speaking at the Australian Information Security Association (AISA) CyberCon Canberra on the topic:

“The Human Element in Cyber Resilience: Lessons from the Intelligence Community”

If you’re in Canberra, you won’t want to miss this insightful session!

🔗 Watch the highlights: Dan Elliott’s LinkedIn Post

At CyAN, we are ALWAYS overjoyed to celebrate our members’ successes and contributions to the cybersecurity community. Congratulations, Dan!

Upcoming CyAN (and CyAN Partner) Global Events:

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence, keynote by Dan Elliott, March 12, Peoplebank, Sydney

Trust & Safety Forum at Forum INCYBER Europe (FIC), Lille, France: April 1-2

GITEX AFRICA, Marrakesh, Morocco: April 14-16

GITEX ASIA, Singapore (Marina Bay Sands): April 23-25

GISEC, Dubai World Trade Center, Dubai, UAE: May 6-8

The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK

World AI Technology Expo UAE, Dubai, UAE: May 14-15, 2025

MaTeCC, Rabat, Morocco: June 7-9, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)


Cyber (In)Securities – Issue 129

Information Security News

Latin American Orgs Face 40% More Attacks Than Global Average

Dark Reading by Nate Nelson
Organisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the

Cyber (In)Securities – Issue 127

Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied upon

Bitdefender by Graham Cluley
A significant security flaw discovered in stalkerware apps has exposed millions to potential spying, significantly compromising user privacy. This vulnerability allows

Cyber (In)Securities – Issue 126

Information Security News

Ghost Ransomware Targets Orgs in 70+ Countries
Dark Reading by Elizabeth Montalbano
Ghost ransomware continues to pose a significant threat globally, now targeting organisations in over 70 countries. This ransomware variant is particularly insidious due to its ability to encrypt data swiftly and demand ransoms, leading to severe disruptions across multiple sectors. The widespread nature of these attacks highlights the critical need for international cooperation in cybersecurity efforts. Enhanced preventive measures, including robust threat detection systems and regular cybersecurity training, are essential to safeguard against such advanced threats. The global community must prioritise sharing intelligence and best practices to develop more effective defences against ransomware attacks like Ghost.

SEC Rebrands Cryptocurrency Unit to Focus on Emerging Technologies
Cyberscoop by Derek B. Johnson
The Securities and Exchange Commission (SEC) has rebranded its cryptocurrency oversight unit, now focusing on emerging technologies to better address the evolving landscape of digital finance. This strategic shift aims to enhance the regulatory framework to accommodate new challenges and opportunities presented by blockchain and fintech innovations. By prioritising these areas, the SEC seeks to protect investors from emerging risks without stifling innovation. The rebranding initiative is part of a broader effort to adapt to rapid technological advancements, ensuring that the regulatory approach is proactive rather than reactive, helping maintain market integrity and investor trust in an increasingly digital world.
Read more

Russian Groups Target Signal Messenger in Spy Campaign
Dark Reading by Jai Vijayan
In a revealing development, Russian cyber groups have intensified their espionage efforts by targeting Signal, a widely trusted encrypted messaging app. This campaign aims to compromise secure communications, underscoring the vulnerabilities even in reputedly secure platforms. Such activities highlight the ongoing challenges in safeguarding privacy and information security in the face of state-sponsored cyber operations. The focus on Signal reflects a strategic move by these groups to intercept sensitive communications, demonstrating a significant escalation in cyber espionage tactics. This situation calls for heightened security measures and increased vigilance among users of encrypted services to protect against such sophisticated intrusions.
Read more

Critical Flaws in Mongoose Library Expose MongoDB to Data Thieves, Code Execution
The Register by Connor Jones
Recent findings have unveiled critical vulnerabilities in the Mongoose library, which significantly impact MongoDB databases by exposing them to data theft and unauthorised code execution. These flaws highlight the susceptibility of widely-used database systems to sophisticated cyberattacks, underscoring the necessity for immediate and comprehensive security updates. The potential for attackers to exploit these vulnerabilities poses severe risks to data integrity and system stability, emphasising the importance of rigorous security protocols and regular software audits to identify and mitigate such threats promptly. This incident serves as a crucial reminder for developers and database administrators to stay vigilant and proactive in maintaining the security of their database infrastructures.
Read more

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd
SecurityWeek by Ionut Arghire
Atlassian has recently addressed critical vulnerabilities in its Confluence and Crowd software that posed significant security risks, potentially allowing unauthorised access and data breaches. The vulnerabilities could enable attackers to exploit these platforms, accessing sensitive information or disrupting service operations. Atlassian’s swift response with patches underscores the critical importance of maintaining up-to-date systems to safeguard digital assets. This incident highlights the ongoing need for companies to implement rigorous security measures, conduct regular vulnerability assessments, and ensure that all software components are under continuous scrutiny to prevent exploitation.
Read more

Energy CISO: Agencies Can’t Implement Zero Trust Alone
Cyberscoop by Derek B. Johnson
A prominent Energy sector CISO has highlighted the complexities involved in implementing zero trust security architectures, asserting that agencies cannot achieve this alone. This approach necessitates extensive collaboration across various sectors and disciplines to share expertise, resources, and best practices. The CISO emphasises that zero trust is not just a technical solution but a comprehensive strategy that requires ongoing adjustments and shared responsibilities. Such collaboration is essential for developing a robust framework that effectively addresses the sophisticated and evolving cyber threats facing today’s digital infrastructures.
Read more

UAE: Cyberattacks in Arabic Language on the Rise in Region, Says Top Cybersecurity Official
Khaleej Times by Waheed Abbas
According to a top UAE cybersecurity official, there has been a significant increase in cyberattacks conducted in Arabic across the region. This surge underscores the growing trend of localised cyber threats that exploit regional linguistic and cultural nuances. The official emphasises the need for tailored cybersecurity strategies that are responsive to the unique challenges posed by such targeted attacks. Enhancing capabilities in multilingual cybersecurity operations and developing region-specific defences are crucial for effectively countering these threats and protecting critical information infrastructures in the Middle East.
Read more

ASIO Boss Warns Australian Critical Infrastructure Systems ‘Routinely’ Mapped
itNews by Ry Crozier
The head of ASIO has sounded an alarming warning that Australian critical infrastructures are “routinely” surveyed and mapped by foreign entities, revealing a constant threat to national security across vital sectors like energy, telecommunications, and finance. This systematic surveillance highlights severe vulnerabilities that could be exploited in cyberattacks, potentially crippling Australia’s essential services. The revelation calls for an urgent reassessment of the nation’s cybersecurity strategies to safeguard against such intrusions, emphasising the need for strengthened defences and greater awareness of the tactics used by potential adversaries.
Read more

Tech Investment Firm Insight Partners Discloses Data Breach
Cybersecurity Dive by Rob Wright
Insight Partners, a prominent technology investment firm, recently disclosed a significant data breach, underscoring the persistent cyber threats facing the financial sector. This breach not only exposes sensitive investor data but also calls into question the firm’s data security measures, potentially impacting investor confidence and financial stability. The incident highlights the critical need for enhanced cybersecurity protocols and continuous monitoring within the investment community to protect against sophisticated, evolving threats that target financial assets.
Read more

Australian Children Easily Bypass Social Media Age Limits, eSafety Shows
itNews
A recent investigation by Australia’s eSafety Commissioner has uncovered that children are easily bypassing social media age restrictions, raising significant concerns about their exposure to harmful content and interactions. This loophole in digital age verification systems undermines parental controls and highlights a broader issue of online safety for minors. The findings suggest a pressing need for social media platforms to implement more robust and effective age verification processes to ensure a safer online environment for young users, protecting them from early exposure to inappropriate content.
Read more

North Korea Stealing Cryptocurrency With JavaScript Implant
ISMG Data Breach Today by Prajeet Nair
North Korea’s cyber operatives have escalated their financial warfare tactics by deploying a sophisticated JavaScript implant to steal cryptocurrency. This tactic involves infiltrating cryptocurrency exchanges and individual wallets to siphon funds covertly, leveraging vulnerabilities in web applications. The strategy highlights North Korea’s adeptness in adapting to cybersecurity landscapes to bolster its economic sanctions-stricken regime. This ongoing threat underscores the urgent need for enhanced security measures in the burgeoning cryptocurrency market, urging stakeholders to prioritise advanced defensive technologies and rigorous compliance checks to safeguard assets.
Read more

The 50-Year-Old Law That Could Stop DOGE in Its Tracks—Maybe
Wired by Eric Geller
The legality of cryptocurrencies like DOGE is under threat from a 50-year-old U.S. law that could dramatically alter the landscape of digital currencies. This law, originally enacted to regulate traditional securities, may now apply to cryptocurrencies, raising substantial compliance and operational challenges for crypto entities. The potential enforcement could stymie innovation and hinder the growth of the digital economy, sparking a crucial debate among policymakers, legal experts, and industry stakeholders about the balance between regulation and innovation in the evolving financial technology sector.
Read more

Clinical Trial Database Exposes 1.6M Records to Web
ISMG Data Breach Today by Marianne Kolbasuk McGee
A massive data breach in a clinical trial database has exposed over 1.6 million patient records, revealing a critical vulnerability in the healthcare sector’s data management systems. This breach compromised sensitive health information, including medical histories and personal identifiers, which could have severe consequences for patient privacy and trust in medical research institutions. The incident underscores the urgent need for robust cybersecurity measures in the healthcare industry, emphasising the necessity of implementing more stringent access controls, regular security audits, and comprehensive data encryption to protect patient information from such vulnerabilities.
Read more

Thousands Rescued from Illegal Scam Compounds in Myanmar as Thailand Launches Huge Crackdown
The Guardian by Leila Goldstein
In a pivotal international law enforcement operation, thousands have been rescued from illegal scam operations based in Myanmar, with simultaneous crackdowns in Thailand. These actions shed light on the severe issue of digital exploitation and the global extent of cybercrime, where vulnerable individuals are deceived by fraudulent job offers and coerced into cyber scams. These incidents reveal the urgent need for enhanced international cooperation and stronger cybersecurity measures to address the cross-border nature of digital fraud and human trafficking effectively. Strengthening global legal and security frameworks is crucial to dismantling these networks and ensuring justice.
Read more

Attackers Exploit Palo Alto Zero-Day Authentication Bypass
ISMG Data Breach Today by Mathew J. Schwartz
A newly discovered zero-day vulnerability in Palo Alto’s network security devices is being actively exploited, allowing attackers to bypass authentication protocols. This critical flaw exposes enterprise networks to unauthorised access and potential data theft, highlighting the escalating challenges in securing network infrastructure against sophisticated cyber threats. The rapid identification and disclosure of this exploit underscore the need for constant vigilance and prompt patching practices in the cybersecurity community to mitigate risks and protect sensitive information.
Read more

Warning: Tunnel of Love Leads to Scams
Dark Reading by Kristina Beek
A recent surge in scams originating from so-called “Tunnel of Love” online dating schemes has cybersecurity experts on high alert. These scams, which often start on legitimate dating platforms, lure individuals into fraudulent romantic engagements to extort money. The tactics include catfishing, where scammers use fake profiles to form emotional connections with victims. This trend underscores the importance of cybersecurity awareness in personal interactions online, urging users to verify identities and be skeptical of too-good-to-be-true romantic propositions.
Read more

If You Dread a Microsoft Teams Invite, Just Wait Until It Turns Out to Be a Russian Phish
The Register by Jessica Lyons
In a concerning development, cybercriminals are using fake Microsoft Teams invitations, purportedly from Russian sources, to conduct sophisticated phishing attacks. These scams exploit the platform’s credibility to deceive users into clicking malicious links that compromise their credentials and install malware. This method highlights a disturbing trend of using popular corporate communication tools to facilitate cyber crimes, reflecting a strategic pivot by attackers to exploit trust and routine in daily business operations. Organisations are urged to intensify their email and communication security protocols and educate their staff about the dangers of unsolicited invitations, particularly those mimicking legitimate business tools.
Read more

Musk-Linked Group Offered $5M for Proof of Voter Fraud – And Came Up with Nothing
The Guardian by Brendan Fischer and Emma Steiner
Despite a $5 million bounty offered by a group linked to Elon Musk for proof of voter fraud, recent investigations have come up empty-handed. This lack of evidence highlights the challenges in substantiating claims of electoral misconduct, which often circulate widely on social media and other platforms. The episode serves as a case study in the potential for misinformation to influence public opinion and the importance of critical scrutiny in the evaluation of such claims. As election integrity continues to be a hot-button issue, this scenario underscores the need for transparent and rigorous verification processes to maintain trust in democratic systems.
Read more

Critical PostgreSQL Bug Tied to Zero-Day Attack on US Treasury
The Register by Connor Jones
A zero-day attack on the U.S. Treasury has been linked to a critical vulnerability in PostgreSQL, an open-source database system. This exploit allowed unauthorised data access and manipulation, exposing sensitive governmental financial data. The breach not only raises concerns about the security of critical national infrastructure but also calls into question the adequacy of current cybersecurity measures in protecting such essential systems. The incident has prompted an urgent review of security protocols and the implementation of more robust defense mechanisms to prevent future breaches.
Read more

Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
SecurityWeek by Ionut Arghire
The Salt Typhoon cyber-attack campaign has been exploiting old vulnerabilities in Cisco equipment to launch sophisticated attacks on global telecom providers. By leveraging these dated security flaws, attackers are gaining unauthorised access to network systems, highlighting significant lapses in patch management and risk assessment in the telecom sector. This series of attacks underscores the critical need for ongoing maintenance, timely updates, and comprehensive security audits to shield essential communications infrastructure from evolving cyber threats.
Read more

2 Charged Over Alleged New IRA Terrorism Activity Linked to Cops’ Spilled Data
The Register by Connor Jones
Two individuals have been charged in relation to terrorist activities linked to the New IRA, following a breach where sensitive police data was exposed. This incident not only compromised law enforcement integrity but also demonstrated the severe risks of data leakage in exacerbating political violence. The breach has heightened concerns about data security within public institutions and the potential for such information to fuel unlawful activities, prompting a call for tighter security measures and more stringent data handling protocols to prevent misuse of sensitive information.
Read more

Chinese Spies Suspected of ‘Moonlighting’ as Tawdry Ransomware Crooks
The Register by Jessica Lyons
Recent intelligence reports indicate that Chinese spies are suspected of engaging in ransomware attacks, ostensibly ‘moonlighting’ to supplement state espionage activities with lucrative cybercrime. These allegations suggest a troubling convergence of state-sponsored espionage and criminal financial gain, raising significant cybersecurity concerns on a global scale. The involvement of state actors in ransomware attacks complicates international cybersecurity dynamics, demanding a reassessment of threat models and a bolstered defensive posture among nations and corporations to address these sophisticated hybrid threats effectively.
Read more

whoAMI Attacks Give Hackers Code Execution on Amazon EC2 Instances
BleepingComputer by Bill Toulas
The discovery of the whoAMI exploit on Amazon’s EC2 service has revealed a critical vulnerability allowing hackers to execute arbitrary code on affected instances. This exploit, by bypassing traditional security measures, grants attackers potentially unfettered access to the cloud-based resources, posing severe risks to data integrity and system functionality. The breach underscores the necessity for continuous vigilance, regular security assessments, and immediate patch implementations in cloud services to protect against such sophisticated threats that compromise user data and undermine trust in cloud infrastructure.
Read more

EU’s Disinformation Code Moves Closer to Becoming DSA Benchmark
TechCrunch by Natasha Lomas
The European Union is taking significant steps to combat the spread of online disinformation by proposing to incorporate its voluntary Disinformation Code directly into the Digital Services Act (DSA). This legislative move aims to impose stricter legal obligations on major tech platforms, requiring them to actively and effectively control the dissemination of false information. By transitioning from a voluntary to a mandatory framework, the EU seeks to strengthen the accountability of digital platforms in maintaining information integrity, ensuring a more resilient digital environment against the pervasive challenge of disinformation.
Read more

Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords
Cyber Security News by Guru Baran
In one of the largest security breaches to date, over 2.7 billion records from numerous IoT devices were compromised, exposing critical data including Wi-Fi passwords and device functionalities. This massive breach not only highlights the vulnerabilities inherent in IoT devices but also underscores the challenges of securing interconnected systems. The exposed data can potentially enable unauthorised access to personal and corporate networks, illustrating the urgent need for robust security protocols and real-time threat monitoring to protect against sophisticated cyber-attacks targeting IoT ecosystems.
Read more

Elon Musk’s DOGE Leaks Classified Govt Information to Entire World, Intel Officers Blame ’25-Year-Old Programmers…’
Hindustan Times by Shweta Kukreti
In a surprising turn of events, Elon Musk’s involvement with the cryptocurrency DOGE has led to unintended leaks of classified government information through blockchain vulnerabilities. This incident has prompted intense scrutiny from intelligence officials who blame the oversight on inexperienced programmers handling sensitive data. The breach raises serious questions about the security measures and regulatory oversight necessary in the rapidly evolving digital currency space, highlighting the risks of combining cutting-edge technology with critical data without stringent security checks.
Read more

ANALYSIS

Network Security Tool Defects Are Endemic, Eroding Enterprise Defense
Cybersecurity Dive by Matt Kapko
Recent analysis reveals that defects in network security tools are not just common but endemic, posing significant threats to enterprise defences. This troubling trend suggests that the very tools enterprises rely on to protect their digital assets are often themselves vulnerable to exploitation. The situation calls for a heightened focus on the integrity and robustness of cybersecurity products, advocating for rigorous testing, transparent vulnerability disclosures, and continuous updates to stay ahead of attackers who exploit these weaknesses to breach corporate networks.
Read more

The Pangu Team—iOS Jailbreak and Vulnerability Research Giant: A Member of i-SOON’s Exploit-Sharing Network
Natto Thoughts (Substack: Eugenio Benincasa)
The Pangu Team, renowned for their breakthroughs in iOS jailbreaking, is intricately linked with the i-SOON exploit-sharing network, revealing a complex web of interactions between security researchers and the shadowy world of cyber exploit trading. This involvement illustrates how tools designed for security testing can be repurposed into weapons in cyber warfare, challenging the ethical boundaries of cybersecurity practices. The disclosure of such connections calls for a balanced approach in security research, advocating for responsible disclosure and regulatory oversight to prevent misuse of security exploits that could otherwise enhance cyber resilience.
Read more

The Psychological Warfare of Weakening Encryption
PrivID (Substack)
The deliberate weakening of encryption protocols is emerging as a sophisticated form of psychological warfare in cyber operations, aimed at diminishing trust in digital systems and sowing doubt among users about the privacy and security of their online data. This tactic extends beyond technical sabotage, affecting the psychological comfort that encryption provides to users of digital services. The broader implications for privacy rights and national security are profound, necessitating a vigorous defense of strong encryption standards to maintain confidence in digital infrastructure and protect against both cyber threats and manipulative tactics that aim to undermine societal trust.
Read more

Ransomware: The $270 Billion Beast Shaping Cybersecurity—Insights from Cyentia’s Latest Report
Tripwire by Kirsten Doyle
According to a recent report by Cyentia, the global cost of ransomware is projected to reach $270 billion by 2024, signifying its dramatic impact on businesses worldwide. This figure reflects not only the direct costs associated with paying ransoms but also the extensive operational disruptions, loss of customer trust, and long-term reputation damage. The study highlights the increasing sophistication of ransomware attacks and the crucial need for organisations to invest in proactive defense strategies, comprehensive backup solutions, and employee training to mitigate the risk of these costly cyber threats.
Read more

Cybersecurity Pros Are Preparing for a New Adversary: AI Agents
Fortune by Christian Vasquez
The emergence of artificial intelligence as a significant threat in cybersecurity marks a pivotal shift in the digital threat landscape. AI-driven attacks are becoming increasingly sophisticated, capable of learning and adapting to defensive measures, making them especially challenging to detect and neutralise. This new era of cyber threats calls for an urgent reevaluation of current security protocols. Cybersecurity professionals must integrate advanced AI technologies into their defensive strategies, developing systems that not only detect but also predict potential attacks using AI. Emphasising innovation in AI-driven security solutions will be critical to defend against these evolving threats, ensuring that defensive measures are as dynamic and adaptable as the AI agents they are designed to combat.
Read more

The Pacific Needs Greater Cyber Resilience as Malicious Actors Break into Networks
ASPI The Strategist by Blake Johnson, Fitriani and Jocelinn Kang
The strategic importance of cybersecurity in the Pacific region is becoming increasingly apparent as malicious actors target vulnerable network systems. A collaborative effort among nations in the Pacific, supported by policy recommendations from think tanks like ASPI, is crucial for building a robust cyber defense mechanism that can withstand the growing threats. This initiative aims to enhance regional cyber resilience by sharing resources, intelligence, and best practices, fostering a cooperative environment that bolsters security against cyber threats and promotes sustainable digital growth.
Read more

Roundtable: Is DOGE Flouting Cybersecurity for US Data?
Dark Reading by Becky Bracken
A recent roundtable discussion by cybersecurity experts has raised serious concerns about whether the cryptocurrency DOGE is compromising U.S. data security. The debate centres on DOGE’s handling of sensitive information and compliance with cybersecurity norms, which appears increasingly lax or overlooked in the rush to capitalise on the crypto boom. Experts argue that without stringent regulatory oversight and adherence to robust cybersecurity protocols, DOGE could inadvertently expose user data to cyber threats, potentially leading to significant breaches of personal and national security. This roundtable has sparked a broader conversation about the need for enhanced regulatory frameworks for cryptocurrencies to ensure they do not become a liability to national security.
Read more

Open Source AI Models: Perfect Storm for Malicious Code, Vulnerabilities
Dark Reading by Robert Lemos
The proliferation of open source AI models presents a dual-edged sword for cybersecurity. While these models promote innovation and accessibility in technology, they also open doors for malicious use, such as embedding hidden vulnerabilities or malicious code. The widespread availability of powerful AI tools enables cybercriminals to harness advanced technologies to orchestrate attacks with increased precision and stealth. This scenario demands a heightened awareness and proactive approach from cybersecurity communities to rigorously evaluate and secure open source AI projects, ensuring that these tools are used to fortify security defences rather than undermine them.
Read more

4 Ways to Bring Cybersecurity into Your Community
Security Intelligence by Jennifer Gregory
Amidst rising digital threats, the importance of integrating cybersecurity awareness and practices into community settings has never been more crucial. Effective community engagement strategies, such as local workshops, school programs, and public awareness campaigns, can play a pivotal role in building a more informed public capable of recognising and responding to cyber threats. This grassroots approach not only enhances individual resilience but also strengthens the collective security posture of communities, making it harder for cyber threats to penetrate at a local level.
Read more

STATISTICS & INSIGHTS

Highlights from Last Week’s Cybersecurity Research by evisec – CRD #17
CyAN Member and evisec CEO Henry Röigas
Highlights from the latest cybersecurity research sources by evisec:
• There are positive signs from crypto transaction data: ransomware payments are down. “The data shows that even though more ransomware events occurred in H2 2024 (measured by the number of victims listed on leak sites), fewer organizations – less than half – chose to pay.”
• MITRE ATT&CK analysis reveals that, “93% of malicious actions in 2024 leveraged the top ten MITRE ATT&CK techniques. This finding clearly reinforces the need for security teams to prioritize defenses against the most prevalent threats.”
• Old CVEs dominate OT security incidents: “Manufacturing remains the most targeted and compromised industry, accounting for nearly 90% of network-internal exploit attempts observed by the company.” Adding that, “continued reliance on legacy systems in OT networks is a key enabler of these exploitations.”
For more insights, explore the latest Cybersecurity Research Digest.
Read more

CyAN Members: Op Eds, Articles, etc:

The Augmented CISO: How AI is Transforming Cybersecurity Compliance
CyAN Blog by CyAN Member, Gilles Chevillon
Gilles Chevillon expertly explores the transformative impact of AI on the role of Chief Information Security Officers (CISOs). As AI integrates into cybersecurity, it revolutionises compliance frameworks by automating risk assessments and enforcing regulatory standards. Chevillon emphasises the balance CISOs must maintain: leveraging AI to enhance security postures while addressing challenges such as ensuring ethical AI use, maintaining accountability, and preventing biases in automated systems. His analysis stresses the necessity for CISOs to adapt to these technological advancements to stay ahead in cybersecurity management.
Read more

Behind the Posts: How I Identify My Top 10 Cyber Threat Groups Each Week
CyAN Member, Dan Elliott
Dan Elliott offers a comprehensive analysis of the methodologies used to identify and rank the top ten cyber threat groups each week. He delves into the integration of advanced analytics, real-time intelligence, and the strategic gathering of cybercrime data. Elliott highlights how this robust approach aids in understanding the evolving tactics and motivations of threat actors, from state-sponsored units to independent ransomware gangs. The process, underpinned by collaborative international intelligence sharing and cutting-edge technology, is crucial for anticipating and mitigating cyber threats effectively. His insights emphasise the importance of adaptability and proactive defense in cybersecurity strategies.
Read more

Cybersecurity Developments in the Caribbean: Regional Collaboration and Strategic Growth
CyAN Blog by Dale Connell
Dale Connell explores the crucial cybersecurity challenges and advancements within the Caribbean. He discusses the importance of regional collaboration to enhance cyber defences against increasing threats that target key economic sectors. Through policy reforms and capacity building, Connell emphasises the need for a robust framework that supports public-private partnerships and leverages international expertise. His narrative advocates for strategic investments in cybersecurity education and infrastructure to fortify the Caribbean against cyber-attacks and ensure regional digital resilience.
Read more

Navigating the New Digital Landscape: EU’s Bold Move Against Disinformation
Kim Chandler McDonald
Kim Chandler McDonald provides an in-depth analysis of the European Union’s approach to combating disinformation through the Digital Services Act. She evaluates how new regulations aim to enforce stricter content moderation without compromising free speech. McDonald discusses the delicate balance required to manage disinformation while protecting democratic freedoms and the operational challenges tech companies face under these new laws. Her critique highlights the need for transparency and adaptability in policy-making to effectively address the complexities of online misinformation in a rapidly evolving digital environment.
Read more

CyAN Members: News

• CyAN Members Shakil Khan and Prabhat Pathak are speaking on the Cloud DevOps, Security Compliance & Operational Excellence in the Age of AI panel at SaaS.Connect 2025 on February 23 at the PSG Convention Center, Coimbatore, India. They’ll be exploring:

  • AI-powered DevOps automation
  • Security considerations for AI workloads
  • Compliance frameworks for AI systems
  • Infrastructure optimisation for ML/AI
  • MLOps and ModelOps best practices
  • Zero-trust security in AI environments
  Register here to join them and explore how leading organisations are building secure, compliant, and operationally excellent AI infrastructure.

• CyAN Member Edward Farrell, CEO of Mercury Information Security Services, is leading a session on Introduction to Threat Modelling at CyberCon Canberra 2025! This year’s theme, Transform to Evolve, highlights the need for cybersecurity professionals to adapt and innovate in a rapidly changing digital world.
Join Edward and other top cybersecurity leaders shaping Australia’s cyber agenda: Register here.

• We are thrilled to announce the election of the new board members for CyAN! Congratulations to:

  • J-C Le Toquin (President)
  • Kim Chandler McDonald (Vice President)
  • Saba Bagheri (Director of APAC)
  • Matthieu Camus (Treasurer)
  • Bharat Raigangar (Growth Advisor – MEA & India)
  • Inssata Diomande-Ricourt (Africa Advisor)
  • John Morgan Salomon (Communications Chief)
  • Greg Dzsinich (Board Member)
  Each of these individuals brings a wealth of expertise and a fresh perspective that will undoubtedly contribute to shaping the future of CyAN. We look forward to their leadership and innovative ideas to continue our mission of enhancing cybersecurity and digital safety across the globe. Join us in celebrating their election and supporting them in their new roles!

Upcoming CyAN Global Events:

Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience (Webinar) – March 6th (EST 6AM, CET 12PM, AEST 10PM)
Register here

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence
Keynote by Dan Elliot, March 12, Peoplebank, Sydney
Register here

Cyber (In)Securities – Issue 125

Information Security News

Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End Encryption
Global Encryption Coalition by Ryan Polk
The Global Encryption Coalition is actively opposing the UK government’s utilisation of the Investigatory Powers Act to erode end-to-end encryption, asserting that

Cyber (In)Securities – Issue 124

Information Security News

Thai authorities detain four Europeans in ransomware crackdown
CyberScoop by Greg Otto
In a coordinated operation, Thai authorities arrested four European nationals in Phuket, suspected of orchestrating Phobos ransomware attacks. The individuals allegedly extorted approximately $16 million in Bitcoin from over 1,000 victims

Cyber (In)Securities – Issue 122

Information Security News:

TSA’s Airport Facial-Recog Tech Faces Audit Probe
The Register by Brandon Vigliarolo
The U.S. Transportation Security Administration’s (TSA) facial recognition program is under audit by the Government Accountability Office (GAO) due to concerns over privacy, data security, and potential biases. The audit will assess how biometric data is collected, stored, and shared, and whether passengers can meaningfully opt out. Critics warn of surveillance overreach and hacking risks, while TSA argues the technology improves security and efficiency. The findings could impact future airport screening policies and the broader use of facial recognition in public spaces.
🔗 Read More

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits
SecurityWeek by Ryan Naraine
The XE Group, a long-standing cybercrime syndicate, has shifted tactics from credit card skimming to exploiting zero-day vulnerabilities, targeting unpatched software in enterprise environments. Security researchers report that the group is now leveraging undisclosed flaws to gain initial access, escalating their operations to ransomware and espionage. This move highlights a broader trend of financially motivated threat actors abandoning low-level fraud in favour of more lucrative, high-impact cyberattacks. Organisations are urged to prioritise patching, threat intelligence, and zero-trust security models to mitigate risks.
🔗 Read More

1-Click Phishing Campaign Targets High-Profile X Accounts
Dark Reading by Elizabeth Montalbano
A new phishing campaign is compromising high-profile X (formerly Twitter) accounts through a one-click attack, bypassing traditional credential theft methods. Victims, including journalists, celebrities, and corporate brands, are tricked into clicking malicious links that instantly hijack their accounts. Attackers then use these accounts for scams, misinformation, and crypto fraud. Experts warn that multi-factor authentication alone may not prevent this attack, urging users to verify all communications and scrutinise links before clicking, as social media remains a prime battleground for cyber threats.
🔗 Read More

DeepSeek AI Tools Impersonated by Infostealer Malware on PyPI
BleepingComputer by Bill Toulas
Cybercriminals are impersonating DeepSeek AI tools on the Python Package Index (PyPI) to distribute infostealer malware, targeting developers and researchers. These malicious packages, once installed, steal credentials, exfiltrate sensitive data, and install backdoors into infected systems. The attack underscores ongoing software supply chain threats, as open-source repositories remain a prime target for abuse. Security experts recommend verifying maintainers, auditing dependencies, and using automated tools to detect rogue packages before they compromise development environments.
🔗 Read More

Elon Musk’s Doge Team Granted ‘Full Access’ to Federal Payment System
The Guardian by Ed Pilkington
Concerns over centralisation and oversight are mounting after reports revealed that Elon Musk’s Doge team was given full access to the U.S. federal payment system. Critics warn that such consolidation of power could create significant security and accountability risks, particularly with Musk’s history of controversial decision-making. While the move is framed as a step toward efficiency, regulators and lawmakers are now questioning how this level of access was granted and what safeguards, if any, are in place to prevent misuse or vulnerabilities in critical government financial infrastructure.
🔗 Read More

Privacy Commissioner Warns the ‘John Smiths’ of the World Can Acquire ‘Digital Doppelgangers’
The Register by Simon Sherwood
Australia’s Privacy Commissioner has raised alarms about how easily individuals can assume false digital identities using personal data scraped from the internet. With AI-powered fraud techniques evolving, impersonation attacks are becoming more common. Criminals can now create ‘digital doppelgangers’ to bypass authentication measures, defraud businesses, or manipulate online reputation. This warning underscores the need for stronger identity verification standards, better consumer awareness, and policy changes to curb the abuse of publicly available personal data for nefarious purposes.
🔗 Read More

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
The Hacker News by Ravie Lakshmanan
A notorious cybercriminal group dubbed ‘Crazy Evil’ is intensifying its attacks on cryptocurrency users, deploying a trifecta of malware—StealC, AMOS, and Angel Drainer. These threats work together to hijack digital wallets, steal credentials, and drain funds from unsuspecting users. The rise of these sophisticated malware strains highlights the increasing risks in the crypto space, where decentralised finance platforms and individual investors remain prime targets. Experts warn that without robust security practices and improved scam awareness, crypto holders will continue to be lucrative prey for cybercriminals.
🔗 Read More

FBI Attacks ‘The Manipulaters’ As Hackers Impact 17 Million Americans
Forbes by Davey Winder
The FBI has launched a major crackdown on a cybercriminal group known as ‘The Manipulaters,’ responsible for breaching sensitive records of 17 million Americans. This operation marks a significant step in tackling large-scale data theft, with the hackers accused of running sophisticated phishing campaigns and credential-stuffing attacks. The FBI’s intervention highlights the growing threat of mass-scale identity fraud and the urgent need for better consumer protection against cybercriminals leveraging automated attack methods to compromise vast amounts of personal data.
🔗 Read More

Gilmore Girls Fans Nabbed as Eurocops Dismantle Two Major Cybercrime Forums
The Register by Connor Jones
European law enforcement has dismantled two major cybercrime forums, leading to multiple arrests—including individuals who oddly identified as Gilmore Girls fans. The sites facilitated data breaches, malware distribution, and stolen data sales, making them prime hubs for cybercriminal activity. This operation highlights the increasing effectiveness of international law enforcement in taking down illicit online marketplaces and reinforces the importance of cross-border collaboration in tackling cyber threats.
🔗 Read More

AI Tools Used for Child Sexual Abuse Images Targeted in Home Office Crackdown
The Guardian by Michael Savage
The UK Home Office is intensifying efforts to combat AI-generated child sexual abuse images, a growing concern in the digital age. Generative AI tools now allow criminals to create illegal material at scale, evading traditional detection methods. The crackdown signals a push for tighter regulation and proactive enforcement to prevent AI from being exploited by predators. With technology evolving faster than legislation, experts warn that more comprehensive frameworks are needed to keep up with the risks AI poses in the wrong hands.
🔗 Read More

Google Says Hackers Abuse Gemini AI to Empower Their Attacks
BleepingComputer by Bill Toulas
Threat actors linked to China and Iran are leveraging Google’s Gemini AI to improve their hacking techniques, generating malicious scripts and refining phishing campaigns. This revelation amplifies concerns about AI being weaponised to enhance cyber threats, raising difficult questions about restricting access to advanced AI models. With cybersecurity experts calling for stronger guardrails, tech companies face growing pressure to develop AI tools that balance innovation with security, preventing them from becoming tools of cyber warfare.
🔗 Read More

A Man Stalked a Professor for Six Years. Then He Used AI Chatbots to Lure Strangers to Her Home
The Guardian by Katie McQue
A man who stalked a professor for six years escalated his harassment by using AI chatbots to impersonate her online and lure strangers to her home. The case illustrates how AI can be weaponised for harassment, fraud, and identity theft, pushing the need for legal protections and AI safeguards. While chatbots offer convenience and efficiency, their potential for abuse remains a serious concern, raising ethical questions about responsibility when AI is misused in harmful ways. Stronger AI governance is needed to prevent similar incidents.
🔗 Read More

DeepSeek Jailbreak Reveals Its Entire System Prompt
Dark Reading by Nate Nelson
A jailbreak of China’s DeepSeek AI has revealed its internal system prompt, exposing operational secrets and potential security gaps. This discovery raises concerns about AI transparency, adversarial exploitation, and the ease with which these models can be manipulated. As governments and companies race to develop more powerful AI, security vulnerabilities like this highlight the risks of inadequate safeguards. The leak also underscores the challenges of maintaining AI integrity, as unauthorised modifications could be used to manipulate outputs for malicious purposes.
🔗 Read More

Bill Requiring Federal Contractors to Have Vulnerability Disclosure Policies Gets House Redo
CyberScoop by Matt Bracken
The Strengthening Cybersecurity for the [US] Federal Government Act is back on the table, mandating that all federal contractors implement vulnerability disclosure policies (VDPs). These policies ensure that security flaws are reported and addressed before they can be exploited by attackers. With rising cyber threats targeting government suppliers, lawmakers argue that the bill will close critical security gaps and enforce consistent standards across agencies. The legislation aligns with broader federal efforts to tighten cybersecurity compliance, reducing risks in sectors handling sensitive data and critical infrastructure. If passed, contractors will need to proactively identify and mitigate vulnerabilities to retain government contracts.
🔗 Read More

Even the US Government Can Fall Victim to Cryptojacking
FedScoop by Rebecca Heilweil & Tim Starks
A new report reveals that even US government networks have been compromised by cryptojacking—where hackers hijack computing resources to mine cryptocurrency. These attacks exploit vulnerabilities in cloud infrastructure, slowing operations and increasing costs. The incidents demonstrate how financially motivated cybercriminals are shifting tactics, using low-profile attacks to generate passive income. Experts warn that cryptojacking is an underreported but growing concern, urging organisations to monitor for unusual CPU usage and unauthorised mining scripts.
🔗 Read More

Indian Tech Giant Tata Technologies Hit by Ransomware Attack
BleepingComputer by Bill Toulas
Indian IT giant Tata Technologies was hit by a ransomware attack, disrupting operations across multiple regions. The breach underscores the persistent threat of ransomware to enterprises, particularly those in critical supply chains. Cybercriminals continue to target major corporations with financially motivated extortion schemes, demanding hefty ransoms for decryption keys. This incident reinforces the need for robust incident response plans, improved cybersecurity training, and resilient backup strategies to mitigate operational disruptions and financial losses.
🔗 Read More

Italy Blocks Access to the Chinese AI Application DeepSeek to Protect Users’ Data
SecurityWeek via Associated Press
Citing data protection concerns, Italy has blocked access to China’s DeepSeek AI, joining a growing list of nations scrutinising AI-powered services over potential privacy violations. The decision underscores global apprehension about how AI applications handle and store user data, with fears of mass surveillance and regulatory breaches fueling stricter policies. As AI continues to evolve, more governments are expected to implement preemptive bans and security reviews to protect citizens from opaque AI-driven data collection.
🔗 Read More

US, Dutch Authorities Disrupt Pakistani Hacking Shop Network
SecurityWeek by Ionut Arghire
Authorities in the US and the Netherlands have taken down a Pakistani cybercriminal network involved in hacking and online fraud. The operation marks a significant victory in the fight against transnational cybercrime, demonstrating the importance of intelligence-sharing in dismantling illicit digital operations. With cybercriminal networks operating across borders, these joint efforts are becoming increasingly essential in tackling sophisticated cyber threats that impact governments, businesses, and individuals worldwide.
🔗 Read More

US Healthcare Provider Data Breach Impacts 1 Million Patients
BleepingComputer by Sergiu Gatlan
A major healthcare provider in the US has suffered a data breach affecting over one million patients. The breach exposed sensitive medical records, putting personal and financial information at risk. Healthcare remains a prime target for cybercriminals due to the high value of patient data on the black market. This latest attack underscores the urgent need for stronger cybersecurity measures in the sector, as well as better regulatory enforcement to ensure patient data is properly protected from increasingly sophisticated cyber threats.
🔗 Read More

Once-Secret Treasury Memos Detail Agency Response to SolarWinds Hack
Bloomberg by Jason Leopold
Recently declassified Treasury Department memos reveal internal discussions and responses to the SolarWinds cyberattack, one of the largest espionage campaigns in history. The documents show how officials scrambled to assess the damage and mitigate risks after discovering that Russian hackers had infiltrated multiple federal agencies. The memos highlight gaps in federal cybersecurity preparedness and the challenges of responding to nation-state attacks at scale. This insight into government decision-making underscores the ongoing need for improved threat detection and rapid response frameworks.
🔗 Read More

FDA, CISA Warn About Vulnerabilities in Patient Health Monitors
Cybersecurity Dive by Nick Paul Taylor
The FDA and CISA have issued a joint advisory about security flaws in several widely used patient monitoring devices. These vulnerabilities could allow attackers to access or disrupt medical devices, potentially putting patients’ lives at risk. As healthcare technology becomes increasingly connected, the risk of cyberattacks targeting medical devices grows. The advisory urges manufacturers to address security gaps proactively and stresses the importance of regulatory oversight in ensuring patient safety in an era of digital health transformation.
🔗 Read More

WhatsApp Says It Disrupted Spyware Campaign Aimed at Reporters, Civil Society
CyberScoop by Tim Starks
WhatsApp has disrupted a sophisticated spyware campaign targeting journalists and civil society members, reportedly linked to the Israeli firm Paragon. The attackers used zero-click exploits, meaning victims could be infected without taking any action. This case highlights the ongoing threat of commercial spyware and the risks posed to activists and reporters. While WhatsApp has bolstered its security, the persistence of these attacks underscores the need for broader legislative action against spyware vendors and stronger international cooperation to combat digital surveillance abuses.
🔗 Read More

Analysis

Cyber Insights 2025: Quantum and the Threat to Encryption
SecurityWeek by Kevin Townsend
Quantum computing is advancing faster than anticipated, posing a serious threat to modern encryption standards. Experts warn that once quantum systems reach a certain threshold, they could break widely used cryptographic protections, exposing sensitive data across industries. Governments and cybersecurity researchers are racing to develop quantum-resistant encryption, but adoption lags behind the technology’s rapid development. Organisations must begin assessing their cryptographic resilience now to avoid a future where quantum-powered cyberattacks render current security frameworks obsolete.
🔗 Read More

What Does It Mean to Build in Security from the Ground Up?
The Register by Larry Peterson
Despite years of warnings, many organisations still treat security as an afterthought, bolting it on at the end rather than integrating it from the start. This reactive approach leaves systems vulnerable and increases costs when security flaws must be patched later. The article explores why businesses continue to prioritise convenience, speed, and usability over cybersecurity and the risks this poses. With increasing cyber threats, regulatory demands, and consumer expectations, companies must shift towards proactive security strategies to build resilient, trustworthy digital ecosystems.
🔗 Read More

5 Risk Factors from Supply Chain Interdependencies in a Complex Cybersecurity Landscape
World Economic Forum by Akhilesh Tuteja
Cybercriminals are increasingly exploiting supply chain vulnerabilities to infiltrate organisations, making third-party risks a major security concern. From compromised software dependencies to unvetted suppliers, businesses are often unaware of weak links in their supply chains. This article breaks down the top five risk factors contributing to supply chain insecurity and offers practical strategies to mitigate them. As cybercriminal tactics grow more sophisticated, companies must implement stronger security assessments, enforce compliance standards, and build resilience into their vendor ecosystems to prevent costly breaches.
🔗 Read More

CISO Stature Gains Traction as Global Cyber Risk Escalates
Cybersecurity Dive by David Jones
Once relegated to back-office IT roles, Chief Information Security Officers (CISOs) are now gaining prominence in boardrooms as cyber threats escalate. The rise in ransomware attacks, regulatory scrutiny, and the increasing financial stakes of breaches have made cybersecurity a core business concern. But with increased influence comes heightened expectations—CISOs must now balance risk management, compliance, and business strategy while justifying security investments to executives. This article explores how the CISO role is evolving, the challenges they face, and what businesses must do to support them in protecting their digital assets.
🔗 Read More

Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
Dark Reading by Chris “CT” Thomas
AI-driven cybersecurity solutions are becoming essential in the fight against increasingly complex cyber threats. However, concerns around transparency, reliability, and adversarial manipulation of AI models remain. This analysis examines whether initiatives like the Cyber Trust Mark can provide the assurances needed to rebuild confidence in endpoint security. As cybercriminals experiment with AI-powered attacks, security teams must evaluate whether AI defences can keep up. The piece explores the potential of AI in securing enterprise environments while addressing the challenges of bias, explainability, and resistance to adversarial manipulation.
🔗 Read More

Third-Party Delegation: Striking the Balance Between Risk, Trust, and Control
IT Security Guru by Kirsten Doyle
Delegating access to third parties is essential in modern business operations, but it comes with significant risks. Unauthorised access, poor security hygiene, and lack of oversight can lead to devastating breaches. This article explores how companies can establish strong third-party risk management frameworks to mitigate threats while maintaining operational efficiency. By striking the right balance between trust and control, organisations can ensure secure collaborations without exposing themselves to unnecessary vulnerabilities.
🔗 Read More

State Data Privacy Regulators Are Coming. What Story Will You Tell Them?
Dark Reading by Becky Bracken
As data privacy regulators increase enforcement actions, businesses need to be ready to justify how they collect, store, and use customer data. This article explores the evolving regulatory landscape and the steps companies must take to align with new compliance expectations. Transparency, accountability, and ethical data management are now non-negotiable, with organisations expected to demonstrate responsible data stewardship. The ability to articulate a strong compliance narrative can mean the difference between building consumer trust and facing regulatory penalties. With governments worldwide strengthening privacy laws, companies that fail to prepare risk costly fines, reputational damage, and legal battles.
🔗 Read More

CyAN Members Op Eds, Articles, etc:

The Hidden Cyber Risks Lurking in Supply Chains: What Every Business Leader Needs to Know
Kim Chandler McDonald
CyAN Global VP Kim Chandler McDonald examines the increasing dangers of AI-driven harassment, including deepfake manipulation, cyberstalking, and automated abuse. Highlighting real-world cases where AI tools have been weaponised, disproportionately targeting women and vulnerable groups, her article calls for urgent regulatory action and proactive industry collaboration to mitigate these risks. Kim stresses that AI developers must embed protective measures from the outset rather than attempting to address harm retroactively.
🔗 Read More

AI Global Everything, Dubai, UAE: February 4-6
🔗 Event Details

Upcoming CyAN Global Events

Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience Webinar, March 6
(EST 6AM, CET 12PM, AEST 10PM)
🔗 Event Details

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence Keynote by Dan Elliot, March 12
Location: Peoplebank, Sydney (Save the date, general release tickets available soon!)

GITEX AFRICA, Marrakesh, Morocco: April 14-16
🔗 Event Details

GITEX ASIA: Singapore (Marina Bay Sands) April 23-25
🔗 Event Details

GISEC: Dubai World Trade Center, Dubai, UAE: May 6-8
🔗 Event Details

The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK
🔗 Event Details

MaTeCC: Rabat, Morocco, June 7-9, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)
🔗 Event Details

Cyber (In)Securities – Issue 121

Information Security News:

US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration
SecurityWeek via Associated Press
The role of the US Cybersecurity and Infrastructure Security Agency (CISA) in safeguarding elections is increasingly uncertain under the Trump administration. While CISA played a