Flux RSS

The FBI wants to hear from gamers who have downloaded Steam titles containing malware

An issue with the Companies House website has put the personal and corporate information of millions at risk

A new law enforcement operation against phishing and ransomware operators led to the takedown of 45,000 malicious IP addresses

Operation Lightning sees international law enforcement partners shut down ‘SocksEscort,’ a major malicious proxy service used by cybercriminals worldwide

If you're in the middle of applying for a planning or zoning permit, there is some unwelcome news: cyber-criminals have found a way to exploit the bureaucratic tedium of the process against you. Read more in my article on the Fortra blog.

PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse

The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited

CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks

Signal, the encrypted messaging app trusted by security-savvy users around the world, has confirmed that hackers have managed to takeover accounts - with government officials and journalists among those being targeted. Read more in my article on the Hot for Security blog.

The ICO has fined Police Scotland after it shared the entire contents of a victim’s phone with her alleged attacker

The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker

A Wikipedia security engineer accidentally wakes a dormant JavaScript worm that hadn't stirred since 2024 - and within minutes, giant woodpecker images are plastered across the internet's favourite encyclopaedia. Meanwhile, a crypto contractor hired to help the US Marshals manage seized digital assets allegedly decides to help himself to $46 million of it - and then brags about it on a recorded Telegram call. Plus: Graham champions Asterix, Trisha discovers the fantasy novels of Robin Hobb, and someone called "Lick" ends up in the nick. All this, and much more, in episode 458 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Tricia Howard.

French small and medium businesses remained the organizations most targeted by ransomware in 2025

Infosecurity Europe 2026 reveals its keynote line-up, featuring Jason Fox, Shlomo Kramer, Cynthia Kaiser and more, with sessions on AI, cloud security and post quantum threats

LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data

Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, warn Rapid7 researchers

BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data

Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools

Check Point data shows attack volumes are growing much faster in the UK than worldwide

March Patch Tuesday sees Microsoft release updates for 79 flaws