Infosecurity Magazine

Google API Keys Quietly Gain Access to Gemini on Android Devices

A flaw in Google's API key system has reportedly exposed mobile applications to unintended access to its Gemini AI platform.
Infosecurity Magazine

Anthropic Launches Project Glasswing to Use AI to Find and Fix Critical Software Vulnerabilities

Anthropic launches Project Glasswing, using its Claude Mythos Preview AI to autonomously identify and fix undiscovered ...
Infosecurity Magazine

US Thwarts DNS Hijacking Network Controlled by Russian APT28 Hackers

The FBI deployed a method to unplug US-based routers compromised by APT28 from the threat actor’s malicious network ...
Infosecurity Magazine

Critical Vulnerability in Ninja Forms Exposes WordPress Sites

A critical arbitrary file upload vulnerability in Ninja Forms – File Upload Plugin has been identified, exposing thousands of ...
Infosecurity Magazine

Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years

Horizon3.ai chief architect, Naveen Sunkavally, explained in a blog post, published on April 7, that remote code execution ...
Infosecurity Magazine

Iran‑Backed Threat Actors Hit US CNI Providers via Internet‑Facing OT Assets

A Cybersecurity and Infrastructure Security Agency (CISA) advisory on April 7 said the threat actors were targeting ...
Infosecurity Magazine

Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns

Newly identified malicious campaigns are linked to virtual private servers modified by APT28 to operate as malicious DNS ...
Infosecurity Magazine

GPU Rowhammer Attack Enables Privilege Escalation and Full System Compromise

A new GPU-based Rowhammer attack capable of escalating privileges to a full system compromise has been demonstrated by ...
Infosecurity Magazine

Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks

A prolific cybercrime group has been weaponizing n-day and zero-day exploits in high-tempo Medusa ransomware attacks over the ...
Infosecurity Magazine

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited

Fortinet customers have been urged to update their FortiClient Enterprise Management Server (EMS) products after the vendor ...
Infosecurity Magazine

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Infosecurity outlines key recommendations for CISOs and security teams to implement safeguards for AI-assisted coding ...
Infosecurity Magazine

Hackers Hijack Axios npm Package to Spread RATs

Threat actors hijacked the popular npm package axios to spread RAT malware after compromising an open‑source maintainer’s ...