Infosecurity Magazine

Fake AI Assistants in Google Chrome Web Store Steal Passwords and Spy on Emails

Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn ...
Infosecurity Magazine

Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third

G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing ...
Infosecurity Magazine

NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure

The National Cyber Security Centre (NCSC) has issued an alert to critical national infrastructure (CNI) providers, urging ...
Infosecurity Magazine

World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns ...
Infosecurity Magazine

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote ...
Infosecurity Magazine

New Mobile Spyware ZeroDayRAT Targets Android and iOS

A new mobile spyware operation known as ZeroDayRAT has been documented targeting both Android and iOS devices. The ...
Infosecurity Magazine

Researchers Find 40,000+ Exposed OpenClaw Instances

Widespread misconfiguration of popular AI assistant OpenClaw means many instances are exposed to the public-facing internet, ...
Infosecurity Magazine

Time to Exploit Plummets as N-Day Flaws Dominate

The time between vulnerability disclosure and exploitation has plunged 94% over the past five years as threat actors weaponize so-called “n-days,” according to a new Flashpoint study.
Infosecurity Magazine

Microsoft Fixes Six Zero Day Vulnerability in February Patch Tuesday

CVE-2026-21525 is a denial-of-service vulnerability affecting the Windows Remote Access Connection Manager. “Exploitation is local, requires no privileges, and does not rely on user interaction,” ...
Infosecurity Magazine

Social Media Platforms Earn Billions from Scam Ads

“Scam ads erode trust among social media users through advertising fake products with attractive deals or investment ...
Infosecurity Magazine

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a ...