Danny Palmer

Cybersecurity writer.

The National Cyber Security Centre has issued an alert to critical national infrastructure providers, urging them to act now to protect against “severe” cyber threats.

The alert comes following coordinated cyber-attacks which targeted Poland’s energy infrastructure with malware in December.

Jonathon Ellison OBE has urged CNI operators that they must act now to ensure they can respond to any similar campaigns targeting the UK.

“Cyber-attacks disrupting everyday essential services may sound far-fetched, but we know it’s not,” he said.

https://www.infosecurity-magazine.com/news/ncsc-warning-severe-cyberattacks/

#cybersecurity

NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure

NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers

Infosecurity Magazine

Analysis by Symantec and Carbon Black Threat Hunter Team has concluded that the cybercriminals behind PureRAT are using AI tools to write scripts and code. One of the reasons for this conclusion is that sections of the code powering PureRAT contain emojis.

“Many AIs have a tendency to insert emojis in code comments because they’ve been trained using data from social platforms such as Reddit,” researchers said.

(Write-up by me for Infosecurity Magazine)

https://www.infosecurity-magazine.com/news/emojis-in-purerats-code/

#cybersecurity #malware

Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign

Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based on comments ripped from social media.

Infosecurity Magazine
@dannyjpalmer *chants some prompts to summon a malicious entity from the Thirteenth*

So, about VoidLink, the sophisticated Linux malware which came to light last week. Researchers have spent more time examining it and they've concluded that rather than being developed by a crack team of cyber criminals... it was developed largely by AI.

(Helped along with prompts from one person.)

“VoidLink demonstrates that the long-awaited era of sophisticated AI-generated malware has likely begun,” said Check Point Software Research.

“In the hands of individual experienced threat actors or malware developers, AI can build sophisticated, stealthy and stable malware frameworks that resemble those created by sophisticated and experienced threat groups.”

Write-up by me for Infosecurity Magazine.

(I only had to self-edit myself twice after I typed VoidLink as Voidsent - a type of monster from Final Fantasy XIV...)

https://www.infosecurity-magazine.com/news/voidlink-linux-malware-built-using/

#cybersecurity

VoidLink Linux Malware Was Built Using an AI Agent, Researchers Reveal

Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person - with the aid of AI tools

Infosecurity Magazine

Are cybercriminals shifting towards cutting out the middle-man in ransomware attacks? That is, why bother encrypting a whole network when you can just steal the data and demand payment from that alone?

An increasing number of cybercriminals are relying on data theft alone to extort ransom payments out of victims, a new research paper by Symantec has warned.

Analysis of data leak sites suggests that there were almost 1500 incidents that relied on data theft alone for extortion attacks in 2025. The figure for 2024 was only 28.

“While attacks involving encrypting ransomware remain as prevalent as ever and still pose a threat, the advent of new types of encryptionless attacks adds another degree of risk.”

https://www.infosecurity-magazine.com/news/hackers-shun-encryption-in-favour/

#cybersecurity

Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion

While ‘traditional’ ransomware attacks remain stable, some gangs are shifting towards exploiting zero-days and supply chains to go straight to stealing data

Infosecurity Magazine

The Microsoft Digital Crimes Unit has just announced the takedown and seizure of infrastructure used by RedVDS, which has been used to conduct phishing and BEC attacks which have cost victims millions.

One thing I find particularly interesting about this announcement is how Microsoft praises the victims of some of these campaigns for coming forward: therefore helping the investigation and disruption of the cybercriminal infrastructure.

“Their cooperation made this action possible and will help protect future victims. Falling victim to a scam should never carry stigma... Every report helps dismantle networks like RedVDS and brings us closer to stopping cybercrime at scale.”

Some of the most well-received features I've ever written have been interviews with CISOs at organisations which have fallen victim to cybercrime. I understand why people don't want to talk about it: but talking about those lessons learned can really help others!

#cybersecurity

https://www.infosecurity-magazine.com/news/criminal-subscription-service/

Criminal Subscription Service Behind AI-Powered Cyber-Attacks Taken Out By Microsoft

RedVDS cyber-crime-as-a-service platform powering phishing, BEC attacks and other fraud has cost victims millions

Infosecurity Magazine

A quick one from me on what Trellix describes as a surge in browser-in-the-browser attacks to steal Facebook passwords.

No, I'm not quite sure why one of the phishing lures claims that YOU have infringed copyright by sharing the music of *checks paper* Lewis Capaldi either.

https://www.infosecurity-magazine.com/news/phishing-scams-exploit-browser/

#cybersecurity

Phishing Scams Exploit Browser-in-the-Browser Attacks to Steal Facebook Passwords

Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials

Infosecurity Magazine

Phishing attacks and cyber fraud have overtaken ransomware as the top cybersecurity concern of business leaders, according to the World Economic Forum’s Global Cybersecurity Outlook for 2026. 👀

“As cyber risks become more interconnected and consequential, cyber-enabled fraud has emerged as one of the most disruptive forces in the digital economy, undermining trust, distorting markets and directly affecting people’s lives,” said Jeremy Jurgens, managing director, World Economic Forum.

(Write-up by me)

https://www.infosecurity-magazine.com/news/fraud-overtakes-ransomware-as-top/

#cybersecurity

World Economic Forum: Cyber-fraud overtakes ransomware as business leaders' top cyber-security concern

“Pervasive” threat of phishing, invoice scams and other cyber-enabled fraud is at “record highs”, warns WEF Cybersecurity Outlook 2026

Infosecurity Magazine

A surge in phishing attacks which exploit email routing settings and misconfigured domain spoofing protections to spoof domains and make malicious emails appear as if they were sent from within the organization is targeting Microsoft 365 accounts.

Microsoft Threat Intelligence has warned that the attacks are themed around phoney messages from HR departments and IT security teams and are being deployed in attempts to steal login credentials.

While the attack vector isn’t new, Microsoft said there’s been a significant rise in attacks deploying these techniques since May 2025 and they’re commonly used in conjunction with phishing-as-a-service kits like Typhoon2FA.

(By me for Infosecurity Mag)

https://www.infosecurity-magazine.com/news/phishing-exploits-misconfigured/

#cybersecurity #phishing

Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users

Misconfigurations abused to make phishing emails look like they come from within the organization

Infosecurity Magazine

The rising use of generative AI tools like LLMs in the workplace is increasing the risk of cyber-security violations as organizations struggle to keep tabs on how employees are using them - especially if they're using their personal accounts. (By me)

https://www.infosecurity-magazine.com/news/personal-llm-accounts-drive-shadow/

#cybersecurity #AI

Personal LLM Accounts Drive Shadow AI Data Leak Risks

Lack of visibility and governance around employees using generative AI is resulting in a rise in data security risks

Infosecurity Magazine