Category: Privacy/Governance Feed

The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services – Read More  –  

PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted – Read More  –  

Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action – Read More  –  

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks – Read More  –  

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions – Read More  –  

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography – Read More  –  

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year – Read More  –  

The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK – Read More  –  

Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch – Read More  –  

Organizations can start defending against deepfakes now, before efficient detectors are available – Read More  –  

Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware – Read More  –  

Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord – Read More  –  

NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025 – Read More  –  

A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown – Read More  –  

The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025 – Read More  –  

The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages – Read More  –  

UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity – Read More  –  

Marsh says ransomware drove cyber insurance claims to second highest on record in 2024 – Read More  –  

Half of UK firms have over 10 cyber positions unfilled, according to Cisco – Read More  –  

The Alvin Independent School District in Texas has notified over 47,000 individuals affected by a data breach exposing sensitive personal information – Read More  –  

Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques – Read More  –  

Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers – Read More  –  

Prolific PhaaS operation Darcula uses Magic Cat software to steal over 800,000 cards in a seven-month period – Read More  –  

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen – Read More  –  

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China – Read More  –  

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark” – Read More  –  

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities – Read More  –  

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” – Read More  –  

FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords – Read More  –  

UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability – Read More  –  

Anthropic has found its Claude chatbot is being used for automated political messaging, enabling AI-driven influence campaigns – Read More  –  

Concerned about the fate of sensitive genetic information, the ICO and OPC have demanded that 23andMe prioritize customer data protection throughout its bankruptcy process – Read More  –  

A large-scale phishing campaign using DarkWatchman and Sheriff malware has been observed targeting companies in Russia and Ukraine – Read More  –  

Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products – Read More  –  

Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications – Read More  –  

The ICO has decided not to fine the British Library for a 2023 ransomware breach – Read More  –  

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community – Read More  –  

The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event – Read More  –  

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment – Read More  –  

Microsoft has announced plans to expand cloud and AI infrastructure in the EU, increasing data center capacity by 40% by 2027 – Read More  –  

The Co-op stores, quick commerce operations and funeral homes are trading as usual – Read More  –  

Kristi Noem said the Trump administration is introducing reforms to ensure CISA is focusing on the core security functions it was created for – Read More  –  

The legislation mandates a probe into foreign-made routers to identify risks for US national security – Read More  –  

JPMorgan’s CISO has argued that SaaS apps represent a growing risk to businesses, “quietly enabling cyber attackers” – Read More  –  

The French government has criticized Russia’s APT28 group for attacking 12 entities in a long-running espionage campaign – Read More  –  

New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control – Read More  –  

A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason – Read More  –  

Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025 – Read More  –  

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses – Read More  –  

Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products – Read More  –