ESET researchers have discovered two as-yet undocumented Windows variants of SprySOCKS, a previously Linux-only backdoor reportedly used by FishMonger, the group believed to be operated by a Chinese contractor named I‑SOON. While we initially discovered the malware samples on VirusTotal,… Read More "FishMonger’s arsenal upgraded: SprySOCKS for Windows"
Threat actors are delivering malware from phishing pages hosted on legitimate ChatGPT domains, Push Security has warned. The vendor claimed that hackers are abusing ChatGPT’s code-rendering feature to build pages spoofing the brand. These redirect victims to a fake download page… Read More "Attackers Abuse Shared Content for ChatGPT Phishing Campaign"
A Russian state-linked worm has been observed hiding its components inside a little-used Windows file feature, allowing it to spread across Ukrainian networks while leaving almost no trace on infected machines. According to new analysis from Sekoia, the worm is… Read More "FSB Group Gamaredon Hides Worm in Windows Data Streams"
The SEG players it ranked itself against this year includes Mimecast, Proofpoint, Hornetsecurity, Trend Micro, Iron Port (Cisco), Barracuda, and FireEye (Trellix); ICES companies include Abnormal, Checkpoint Harmony, Cisco, DarkTrace, KnowBe4 Defend, Tessian, and Trend Micro. Redmond reported that Defender… Read More "Microsoft says you don’t need another email security tool; experts say, not so fast"
Offerings of fully autonomous security operations centers (SOCs) are flourishing on the cybersecurity market and trigger anxiety about a future with empty desks. In reality, however, top security vendors exhibiting at Infosecurity Europe 2026 actually agree on one thing: AI… Read More "AI SOCs Will Still Need SOC Analysts, Security Vendors Say"
Cyber-attacks can have a significant impact on the most critical services which society relies on, and it is vital cybersecurity teams are prepared to respond when it happens. In Spring 2025, UK retailers Co-op and Marks & Spencer were both… Read More "Infosecurity Europe: Tabletop to Test Response to Major Cyber-Attack"
A critical flaw in the open-source AI platform Flowise has been disclosed, along with working proof-of-concept (PoC) code, allowing an attacker to take over a server when a logged-in user simply imports a malicious workflow file. According to new analysis… Read More "Critical Flowise Flaw Gives Attackers Full Server Control"
President Trump on Friday signed National Security Presidential Memorandum-12 (NSPM-12) to bolster the cybersecurity of National Security Systems (NSS). NSS includes the most sensitive computer systems in the US, used for the processing of classified information and for military and… Read More "White House Issues Memo to Bolster NSS Cybersecurity"
A malicious npm dependency linked to an AI-assisted code commit has been found stealing sensitive data and exposing crypto wallets. According to researchers at ReversingLabs, the package, disguised as a validation tool, enabled attackers to exfiltrate secrets from infected environments… Read More "Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto W"
California Water Service (Cal Water) is investigating recent hacking claims by the Iran-linked threat actor Handala, which published several gigabytes of data it allegedly stole from the utility’s systems. Cal Water, one of the largest investor-owned water utilities in the… Read More "Cal Water Investigating Iranian Hackers’ Claims"
