Infosecurity Magazine
@InfosecurityMag
Followers
242K
Following
3K
Media
13K
Statuses
70K
The only magazine dedicated to the strategy and technology of information security, delivering critical business and technical information for IT professionals.
London and New York
Joined April 2009
At the Infosecurity Magazine Enterprise Risk Virtual Summit on Nov 12, join our panel of experts for an inside look at the real risks behind AI adoption 🎟️ Register free: https://t.co/Lbn5FK2JoL 🎙️Gisela Hinojosa, veteran pentester and Research Lead at Cobalt
1
5
6
Many organizations are inadvertently creating critical security vulnerabilities by misconfiguring their SaaS environments, especially with the rise of agentic AI Read @salesforce's article on how to close the gap between InfoSec and SaaS platforms: https://t.co/98b3udhZ9V
0
0
1
NCSC Plugs Gap in Cyber-Deception Guidance
infosecurity-magazine.com
The National Cyber Security Centre has released new learnings from a cyber deception pilot
0
0
0
Hired to Hack: Protecting Your Business from Remote Recruitment Scams
infosecurity-magazine.com
Remote hiring brings global talent and hidden risks. Learn how fake identities and covert operatives infiltrate companies, and what HR and security teams can do to prevent financial and legal fallout
0
0
2
ICO Fines LastPass £1.2m After 2022 Breach
infosecurity-magazine.com
The UK’s data protection regulator has fined password manager provider LastPass £1.2m after 2022 data breach
0
0
1
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
infosecurity-magazine.com
The Coupang South Korean unit's response will be spearheaded by an executive based in the US
0
1
1
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
infosecurity-magazine.com
OpenAI has reported a surge in performance as GPT-5.1-Codex-Max reaching 76% in capability assessments, and warned of upcoming cyber-risks
0
0
0
Malware Discovered in 19 Visual Studio Code Extensions
infosecurity-magazine.com
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in dependency folders
0
5
4
Scam-Busting FCA Firm Checker Tool Given Cautious Welcome
infosecurity-magazine.com
Experts say a new Firm Checker tool from the FCA won’t move the dial on fraud but is a step in the right direction
0
2
0
Google Releases Critical Chrome Security Update to Address Three Zero-Days
infosecurity-magazine.com
Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit
0
3
4
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
infosecurity-magazine.com
New ITRC research finds 81% of US small businesses suffered a data or security breach in the past year
1
1
4
Almost 60% of organizations admit having “critical or significant” skills shortages, up from 44% in 2024, a new report from @ISC2 has revealed. Read the full story here: https://t.co/DaVs01J1fw
1
0
2
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
infosecurity-magazine.com
A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware
0
1
3
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
infosecurity-magazine.com
Pro-Russia hacktivist groups have been observed exploiting exposed virtual network computing connections to breach OT systems
0
2
3
With NIS2 expanding its scope and tightening cybersecurity requirements, many organisations are now facing far more rigorous expectations around risk management. @specopssoftware’s latest article breaks down how organisations can lay the groundwork for long-term, proactive cyber
0
0
1
Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data
infosecurity-magazine.com
The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing
0
1
2
Log4Shell Downloaded 40 Million Times in 2025
infosecurity-magazine.com
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
0
1
4
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
infosecurity-magazine.com
December’s Patch Tuesday sees the release of patches for over 50 CVEs including three zero-days
0
1
3
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
infosecurity-magazine.com
Sysdig has found sophisticated malicious campaigns exploiting React2Shell that delivered EtherRAT and suggested North Korean hackers’ involvement
0
2
3
Malicious VS Code Extensions Deploy Advanced Infostealer
infosecurity-magazine.com
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data
0
0
0
DeadLock Ransomware Uses BYOVD to Evade Security Measures
infosecurity-magazine.com
Cisco Talos has detected new tactics from a financially motivated actor using DeadLock ransomware
0
1
3