Flux RSS

Credential theft soared in the second half of 2025, thanks in part to the industrialization of infostealer malware and AI-enabled social engineering.

When technical expertise meets clear communication, cybersecurity teams thrive. Learn how to foster trust and collaboration across diverse working groups.

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.

In a recent attack, the group showcased stealthier cross-network activity, thanks to its use of a new BYOVD technique and other tools.

Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.

Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.

Discover how Franz Regul, former CISO for the Paris 2024 Olympics, tackled unique cybersecurity challenges to protect the Games from evolving threats.

A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.

The excitement around Cisco's latest SD-WAN bugs has inspired some light fraud, misunderstandings, and overlooked potential hazards.

Threat actors target nonprofits due to security gaps and highly coveted information, but a lack of sufficient data makes it difficult to grasp the entire picture.

Extract from the CSSF Newsletter No 302 – March 2026

To consolidate all of our security intelligence and news in one location, we have migrated Naked Security to the Sophos News platform. Categories: Naked Security

It took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do. Categories: Naked Security Tags: data breach, MDR, Mom's Meals, PurFoods, ransomre, Ransomware

Latest episode - listen now! Full transcript inside... Categories: Naked Security Tags: cybercrime, hacking, IoT, TP-LINK, WinRAR

Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead... Categories: Naked Security

Cryptography isn't just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well. Categories: Naked Security Tags: cryptography, Tapo, TP-LINK

WYSIWYG is short for "what you see is what you get". Except when it isn't... Categories: Naked Security Tags: Airplane Mode, data leakage, iPhone, WYSIWYG

Celebrating the true crypto bros. Listen now (full transcript available). Categories: Naked Security Tags: cybercrime, hacking, scams

Apps on your iPhone must come from the App Store. Except when they don't... we explain what to look out for. Categories: Naked Security Tags: FBI, MDM, pig butchering, romance scam, SCAM, TestFlight