Main Menu
Cyber Security
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Navigating the Challenges of Fileless Malware in Cybersecurity
Microsoft Acknowledges Issues With Outlook Encryption Feature
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
The Influence of Security Advice and Accountability in Cybersecurity
Chrome Extensions Masquerading as AITOPIA Pose Risk
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
European Space Agency Confronts Repeated Data Breaches with Legal Action
Generative AI Elevates Active Directory Password Attacks
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Kimwolf Botnet: A New Threat to Millions of Android Devices
Ledger Breach Due to Global-e Attack Compromises Customer Data
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Trump Orders Emcore to Divest Chip Manufacturing Assets
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Adobe ColdFusion Cyberattacks Surge During Holiday Period
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Endpoint Security
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Mitchell Langley January 8, 2026
Totolink range extenders are at risk due to a firmware bug that leads to unauthenticated root-level Telnet service, allowing potential device takeovers. Security researchers encourage ...
Vibe Hacking How AI is Transforming Cybercrime's Landscape
Cybersecurity
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
Andrew Doyle January 8, 2026
The evolution of cybercrime from skill-based activities to AI-driven "vibe hacking" is reshaping attack strategies. By utilizing AI tools, cybercriminals gain access to advanced capabilities ...
How Misconfigured Email Routing Opens the Door for Credential Theft
Blog
How Misconfigured Email Routing Opens the Door for Credential Theft
Gabby Lee January 8, 2026
Misconfigured email routing creates an opening for attackers using Phishing-as-a-Service platforms like Tycoon2FA to steal credentials. Such tactics enable attackers to replicate legitimate internal emails, ...
Logitech's macOS Applications Disrupted by Expired Code-Signing Certificate
Application Security
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
Andrew Doyle January 7, 2026
Logitech's macOS applications, Options+ and G Hub, faced functionality issues after their code-signing certificate expired, preventing users from launching the apps on Apple systems. This ...
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Application Security
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Mitchell Langley January 7, 2026
A critical vulnerability discovered in the N8N workflow automation platform enables remote, unauthenticated attackers to gain control over systems. Details emerge on this severe risk, ...
Black Cat's SEO Poisoning Tactics Target Software Downloaders
News
Black Cat’s SEO Poisoning Tactics Target Software Downloaders
Gabby Lee January 7, 2026
The Black Cat cybercrime group is leveraging fraudulent software download sites in a new SEO-driven attack campaign, delivering backdoor malware. The tactic involves SEO poisoning ...
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Identity and Access Management
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Andrew Doyle January 7, 2026
OwnCloud recommends multi-factor authentication to prevent unauthorized access to user data via compromised credentials. This security measure adds an essential layer, mitigating the risk of ...
Navigating the Challenges of Fileless Malware in Cybersecurity
Blog
Navigating the Challenges of Fileless Malware in Cybersecurity
Gabby Lee January 7, 2026
Fileless malware poses a significant challenge by leveraging existing tools within environments instead of standard files, making detection difficult for cybersecurity teams.
Microsoft Acknowledges Issues With Outlook Encryption Feature
Application Security
Microsoft Acknowledges Issues With Outlook Encryption Feature
Mitchell Langley January 7, 2026
A flaw in classic Outlook prevents users from opening encrypted emails, affecting security and efficiency. Microsoft outlines the known issue tied to this encryption feature, ...
Stalkerware Vendor's Guilty Plea A Rare Legal Victory in Consumer Spyware Prosecution
Cybersecurity
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
Gabby Lee January 7, 2026
A significant legal breakthrough marks only the second successful prosecution of a consumer spyware vendor in over ten years by the US government, revealing complex ...
The Influence of Security Advice and Accountability in Cybersecurity
Blog
The Influence of Security Advice and Accountability in Cybersecurity
Andrew Doyle January 7, 2026
Security advice can often have minimal real-world consequences for those who deliver it but are not involved in its application. Understanding how accountability and responsibility ...
Chrome Extensions Masquerading as AITOPIA Pose Risk
Application Security
Chrome Extensions Masquerading as AITOPIA Pose Risk
Mitchell Langley January 7, 2026
Security analysts identified two harmful Chrome extensions, downloaded 900,000 times, masquerading as legitimate AITOPIA tools. These extensions extracted users' browser activity and personal data. Google’s ...
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
Cybersecurity
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
Mitchell Langley January 7, 2026
Microsoft has postponed its intended changes to Exchange Online, initially meant to restrict email recipients per message, following feedback from customers displeased by the limitations ...
European Space Agency Confronts Repeated Data Breaches with Legal Action
Data Security
European Space Agency Confronts Repeated Data Breaches with Legal Action
Gabby Lee January 7, 2026
A second major data breach in two weeks has put the European Space Agency in the midst of a cybersecurity crisis, prompting legal action. The ...
Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
Andrew Doyle January 7, 2026
Generative AI is revolutionizing password attacks on Active Directory, utilizing advanced algorithms to exploit weak passwords. Specops Software highlights how AI-driven techniques are increasing the ...
Phishers Pose as Booking.com to Compromise European Hotels
News
Phishers Pose as Booking.com to Compromise European Hotels
Mitchell Langley January 7, 2026
In a newly identified cybersecurity threat, attackers are imitating Booking.com to infiltrate European hotels. Employees are manipulated into installing malware under the guise of handling ...
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
News
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Gabby Lee January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Andrew Doyle January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Mitchell Langley January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Gabby Lee January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Endpoint Security
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Mitchell Langley January 8, 2026
Microsoft Acknowledges Issues With Outlook Encryption Feature
Application Security
Microsoft Acknowledges Issues With Outlook Encryption Feature
Mitchell Langley January 7, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Gavin Webb's Role in the Takedown of LockBit Ransomware
News
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Gabby Lee January 5, 2026

TOP CYBERSECURITY HEADLINES

Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Application Security
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Black Cat's SEO Poisoning Tactics Target Software Downloaders
News
Black Cat’s SEO Poisoning Tactics Target Software Downloaders
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Identity and Access Management
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Microsoft Acknowledges Issues With Outlook Encryption Feature
Application Security
Microsoft Acknowledges Issues With Outlook Encryption Feature

This Week’s Security Spotlight

Chrome Extensions Masquerading as AITOPIA Pose Risk
Application Security
Chrome Extensions Masquerading as AITOPIA Pose Risk
Mitchell Langley January 7, 2026
European Space Agency Confronts Repeated Data Breaches with Legal Action
Data Security
European Space Agency Confronts Repeated Data Breaches with Legal Action
Gabby Lee January 7, 2026
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Andrew Doyle January 6, 2026
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
More In News
Trending
Silver Fox Exploits Tax Lures in India to Spread ValleyRAT
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Feds Seize Database Targeting $28 Million Bank Account Theft
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
Endpoint Security
Vulnerability in Totolink Range Extender Firmware Allows Unauthorized Access
January 8, 2026
Vibe Hacking How AI is Transforming Cybercrime's Landscape
Cybersecurity
Vibe Hacking: How AI is Transforming Cybercrime’s Landscape
January 8, 2026
Logitech's macOS Applications Disrupted by Expired Code-Signing Certificate
Application Security
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
January 7, 2026
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Application Security
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
January 7, 2026
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Identity and Access Management
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
January 7, 2026
Navigating the Challenges of Fileless Malware in Cybersecurity
Blog
Navigating the Challenges of Fileless Malware in Cybersecurity
January 7, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
January 7, 2026
Logitech's macOS applications, Options+ and G Hub, faced functionality issues after their code-signing certificate expired, preventing users from launching the apps on Apple systems. This ...
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
January 7, 2026
A critical vulnerability discovered in the N8N workflow automation platform enables remote, unauthenticated attackers to gain control over systems. Details emerge on this severe risk, ...
Black Cat’s SEO Poisoning Tactics Target Software Downloaders
January 7, 2026
The Black Cat cybercrime group is leveraging fraudulent software download sites in a new SEO-driven attack campaign, delivering backdoor malware. The tactic involves SEO poisoning ...
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
January 7, 2026
OwnCloud recommends multi-factor authentication to prevent unauthorized access to user data via compromised credentials. This security measure adds an essential layer, mitigating the risk of ...
Navigating the Challenges of Fileless Malware in Cybersecurity
January 7, 2026
Fileless malware poses a significant challenge by leveraging existing tools within environments instead of standard files, making detection difficult for cybersecurity teams.
Microsoft Acknowledges Issues With Outlook Encryption Feature
January 7, 2026
A flaw in classic Outlook prevents users from opening encrypted emails, affecting security and efficiency. Microsoft outlines the known issue tied to this encryption feature, ...
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
January 7, 2026
A significant legal breakthrough marks only the second successful prosecution of a consumer spyware vendor in over ten years by the US government, revealing complex ...
The Influence of Security Advice and Accountability in Cybersecurity
January 7, 2026
Security advice can often have minimal real-world consequences for those who deliver it but are not involved in its application. Understanding how accountability and responsibility ...
Chrome Extensions Masquerading as AITOPIA Pose Risk
January 7, 2026
Security analysts identified two harmful Chrome extensions, downloaded 900,000 times, masquerading as legitimate AITOPIA tools. These extensions extracted users' browser activity and personal data. Google’s ...
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
January 7, 2026
Microsoft has postponed its intended changes to Exchange Online, initially meant to restrict email recipients per message, following feedback from customers displeased by the limitations ...
European Space Agency Confronts Repeated Data Breaches with Legal Action
January 7, 2026
A second major data breach in two weeks has put the European Space Agency in the midst of a cybersecurity crisis, prompting legal action. The ...
Generative AI Elevates Active Directory Password Attacks
January 7, 2026
Generative AI is revolutionizing password attacks on Active Directory, utilizing advanced algorithms to exploit weak passwords. Specops Software highlights how AI-driven techniques are increasing the ...
Phishers Pose as Booking.com to Compromise European Hotels
January 7, 2026
In a newly identified cybersecurity threat, attackers are imitating Booking.com to infiltrate European hotels. Employees are manipulated into installing malware under the guise of handling ...
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Logitech’s macOS Applications Disrupted by Expired Code-Signing Certificate
Ni8mare Vulnerability Threatens N8N Workflow Automation Platform
Black Cat’s SEO Poisoning Tactics Target Software Downloaders
OwnCloud Urges Users to Implement Multi-factor Authentication for Enhanced Security
Navigating the Challenges of Fileless Malware in Cybersecurity
Microsoft Acknowledges Issues With Outlook Encryption Feature
Stalkerware Vendor’s Guilty Plea: A Rare Legal Victory in Consumer Spyware Prosecution
The Influence of Security Advice and Accountability in Cybersecurity
Chrome Extensions Masquerading as AITOPIA Pose Risk
Microsoft Alters Exchange Online User Email Limitations After Customer Pushback
European Space Agency Confronts Repeated Data Breaches with Legal Action
Generative AI Elevates Active Directory Password Attacks
Phishers Pose as Booking.com to Compromise European Hotels
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups