Author: Admin

Agentic AI and AI tools that connect to each other without human oversight pose increasing security risks according to experts at Infosecurity Europe. Agentic AI, or AI agents, operate with a high degree of autonomy. An agentic system might choose the AI model it uses, pass data or results to another AI tool, or even take a decision without human approval. Agentic AI systems operate at a quicker pace than earlier-generation systems based on large…

A widespread phishing campaign spoofing Booking.com has been observed targeting the hospitality industry with malicious emails that trick recipients into downloading malware, according to researchers at Cofense Intelligence. These attacks use a deceptive CAPTCHA system known as ClickFix, which coaxes victims into running malicious scripts on their Windows devices. Malware Surge Tied to Booking.com Spoofs Active since November 2024, the campaign peaked in March 2025, accounting for 47% of its total activity. Emails impersonating Booking.com were…

The recent cyber-attacks on UK retail companies, such as Marks & Spencer, Co-op and Harrods, are a “wake-up call” for the retail sector and beyond, according to Sunil Patel, Information Security Officer at British fashion brand River Island. Speaking at Infosecurity Europe 2025 on June 3, Patel said the techniques used by the threat group linked to the hacks, Scattered Spider, were “elegant and subtle, but not as complicated as we imagine.” “A combination of social engineering – potential…

A large-scale operation planting malicious code in open-source projects on GitHub has been uncovered by cybersecurity researchers. The scheme, centered on a developer using the alias ischhfd83, involves over 130 backdoored repositories disguised as malware tools or game cheats. A Booby-Trapped Malware Toolkit The investigation began when a Sophos customer queried the safety of a GitHub-hosted project called Sakura RAT. While the tool itself appeared broken, researchers found it contained a hidden backdoor, targeted not…

ISO 27001 Controls – A guide to implementing and auditing Bridget Kenyon is the CISO (chief information security officer) for SSCL. She’s also been on the ISO editing team for ISMS (information security management system) standards since 2006, and has served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020.   Bridget is also a member of the UK Advisory Council for (ISC)2, and a Fellow of the Chartered Institute of Information Security.  She’s also been a PCI DSS QSA…