Main Menu
Cyber Security
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Why Cybersecurity is Critical to Vendor Risk Management
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Spotify Disables User Accounts to Combat Massive Data Scraping
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
U.S. Government Seizes Web3 Ads Panel Domain Linked to Cybercrime
Fraudulent Investment Scheme Nomani Expands Beyond Facebook
Microsoft Enhances Codebase Security by Transitioning to Rust with AI Assistance
U.S. SEC Accuses Firms of Orchestrating Cryptocurrency Fraud Worth Over $14 Million
AI Vulnerabilities Identified by Researchers in Eurostar’s Chatbot
Critical Patch Alert: MongoDB Urges Immediate Update to Prevent RCE Attacks
Italy’s AGCM Fines Apple €98.6 Million Over Alleged App Tracking Transparency Misuse
Passwd Offers Secure Credential Management for Google Workspace Users
Operation Sentinel: INTERPOL’s Comprehensive Cybercrime Crackdown Across Africa
ServiceNow Acquires Armis for $7.75 Billion, Boosting Cybersecurity Capabilities
WebRAT Malware Utilizing GitHub for Malicious Distribution
n8n Automation Platform Faces Severe Security Issue
Dangerous Chrome Extensions: Phantom Shuttle Targets Sensitive Data
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Cybersecurity
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Gabby Lee December 29, 2025
Coupang addresses a data breach affecting 33.7 million users by issuing $1.17 billion in vouchers, aiming to restore trust and mitigate the breach impacts.
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
CVE Vulnerability Alerts
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Mitchell Langley December 29, 2025
Fortinet has flagged a resurgence in the exploitation of CVE-2020-12812, a vulnerability in FortiOS that allows attackers to bypass two-factor authentication. This poses significant risks ...
Lovely Extortion Group Claims Massive Data Breach at Conde Nast
News
Lovely Extortion Group Claims Massive Data Breach at Conde Nast
Gabby Lee December 29, 2025
The extortion threat to Conde Nast by the criminal group, Lovely, emphasizes the vulnerability of major publishers to cyberattacks. Lovely claims to have unauthorized access ...
Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
Andrew Doyle December 29, 2025
Oltenia Energy Complex, Romania's primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting its IT infrastructure and highlighting ...
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Cybersecurity
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Gabby Lee December 29, 2025
OWASP introduces vulnerabilities impacting AI systems, emphasizing agent tool attacks. Koi Security's assessments illustrate real incidents linked to this list.
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Mitchell Langley December 29, 2025
Korean Air encountered a significant data security breach affecting thousands of employees following an attack on its supplier, Korean Air Catering & Duty-Free, leading to ...
Why Cybersecurity Is Critical to Vendor Risk Management
Blog
Why Cybersecurity is Critical to Vendor Risk Management
Gabby Lee December 29, 2025
As organizations rely more on third-party vendors, cybersecurity has become central to vendor risk management. Understanding evolving supply-chain threats, assessing vendor security posture, and implementing ...
Sax Accounting Firm's Year-long Investigation Exposes Data Breach Affecting 220,000
Information Security
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
Gabby Lee December 29, 2025
Sax, a major US accounting firm, has disclosed a data breach affecting over 220,000 clients, revealing vulnerabilities in their data security systems after a protracted ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Cybersecurity
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Andrew Doyle December 29, 2025
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Data Security
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Mitchell Langley December 29, 2025
Trust Wallet users suffer a $7M loss after a targeted attack on the browser extension impacts 3,000 crypto addresses just before Christmas.
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Data Security
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Gabby Lee December 29, 2025
A former Coinbase agent in India was detained for aiding hackers to infiltrate company databases, allowing unlawful access to sensitive client data.
Spotify Disables User Accounts to Combat Massive Data Scraping
Data Security
Spotify Disables User Accounts to Combat Massive Data Scraping
Andrew Doyle December 29, 2025
Spotify took action against data scraping by deactivating accounts after Anna’s Archive released data on 86 million songs from its platform.
Ubisoft's Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Application Security
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Mitchell Langley December 28, 2025
Rainbow Six Siege faces a security breach allowing hackers to manipulate in-game systems, impacting player bans and economic balance, compromising integrity.
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Cybersecurity
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Gabby Lee December 28, 2025
A hacker claims responsibility for a breach at Condé Nast, exposing over 2.3 million WIRED subscriber records. The attacker threatens to release up to 40 ...
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Application Security
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Gabby Lee December 28, 2025
The malicious NPM package ‘Lotusbail’ covertly stole WhatsApp credentials through a backdoor. With more than 56,000 downloads over a six-month period, it emphasized the need ...
LangChain Core Critical Vulnerability Risks for Data Security and LLM Integrity
Application Security
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
Andrew Doyle December 28, 2025
Critical LangChain Core flaw may enable data theft and LLM response manipulation, impacting system security and integrity.
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning (1)
Cybersecurity
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
Mitchell Langley December 28, 2025
Kaspersky has attributed a China-linked advanced persistent threat group with a DNS poisoning technique to deploy the MgBot backdoor for cyber espionage in Türkiye, China, ...
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Data Security
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Gabby Lee December 28, 2025
A data breach at Aflac has exposed sensitive personal information of over 22 million customers. The company confirmed detecting unusual activities on its systems in ...
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
News
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Mitchell Langley December 28, 2025
Grubhub customers received deceptive messages, seemingly from a company email, promising tenfold bitcoin returns. This scam misled users into transferring cryptocurrency to a specific wallet.
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Application Security
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Gabby Lee December 28, 2025
Trust Wallet experienced a critical security breach affecting its Google Chrome extension, leading to losses of approximately $7 million. Users are urged to update to ...
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Cybersecurity
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Gabby Lee December 29, 2025
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Mitchell Langley December 29, 2025
Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
Andrew Doyle December 29, 2025
MacSync Malware Distributed via Signed Swift Application
News
MacSync Malware Distributed via Signed Swift Application
Andrew Doyle December 22, 2025

TOP CYBERSECURITY HEADLINES

Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Cybersecurity
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Sax Accounting Firm's Year-long Investigation Exposes Data Breach Affecting 220,000
Information Security
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000

This Week’s Security Spotlight

Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Application Security
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Gabby Lee December 28, 2025
n8n Automation Platform Faces Severe Security Issue
Application Security
n8n Automation Platform Faces Severe Security Issue
Mitchell Langley December 24, 2025
Nissan Cyberattack Hackers Compromise Red Hat GitLab Instances
Data Security
Nissan Cyberattack: Hackers Compromise Red Hat GitLab Instances
Gabby Lee December 24, 2025
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Application Security
Microsoft Teams Outage Affects Thousands of Users Trying to Send Messages
Mitchell Langley December 22, 2025
More In News
Trending
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign
Phishing Attacks in 2026: Evolution Beyond Email and Its Implications
Email Scam Exploits PayPal’s Subscriptions Billing Feature
New Wave of Phishing Kits Target Credential Theft at Scale

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Cybersecurity
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
December 29, 2025
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
CVE Vulnerability Alerts
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
December 29, 2025
Ransomware Attack Disrupts Operations at Romania's Oltenia Energy Complex During Christmas
Cybersecurity
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
December 29, 2025
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Cybersecurity
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
December 29, 2025
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Data Security
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
December 29, 2025
Why Cybersecurity Is Critical to Vendor Risk Management
Blog
Why Cybersecurity is Critical to Vendor Risk Management
December 29, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
December 29, 2025
Oltenia Energy Complex, Romania's primary coal-based energy producer, faced a ransomware attack on the second day of Christmas, severely impacting its IT infrastructure and highlighting ...
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
December 29, 2025
OWASP introduces vulnerabilities impacting AI systems, emphasizing agent tool attacks. Koi Security's assessments illustrate real incidents linked to this list.
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
December 29, 2025
Korean Air encountered a significant data security breach affecting thousands of employees following an attack on its supplier, Korean Air Catering & Duty-Free, leading to ...
Why Cybersecurity is Critical to Vendor Risk Management
December 29, 2025
As organizations rely more on third-party vendors, cybersecurity has become central to vendor risk management. Understanding evolving supply-chain threats, assessing vendor security posture, and implementing ...
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
December 29, 2025
Sax, a major US accounting firm, has disclosed a data breach affecting over 220,000 clients, revealing vulnerabilities in their data security systems after a protracted ...
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
December 29, 2025
Authorities arrest a Lithuanian individual suspected of deploying clipboard-stealer malware through KMSAuto, impacting 2.8 million computers. The tool, camouflaged as a utility for unauthorized Windows ...
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
December 29, 2025
Trust Wallet users suffer a $7M loss after a targeted attack on the browser extension impacts 3,000 crypto addresses just before Christmas.
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
December 29, 2025
A former Coinbase agent in India was detained for aiding hackers to infiltrate company databases, allowing unlawful access to sensitive client data.
Spotify Disables User Accounts to Combat Massive Data Scraping
December 29, 2025
Spotify took action against data scraping by deactivating accounts after Anna’s Archive released data on 86 million songs from its platform.
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
December 28, 2025
Rainbow Six Siege faces a security breach allowing hackers to manipulate in-game systems, impacting player bans and economic balance, compromising integrity.
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
December 28, 2025
A hacker claims responsibility for a breach at Condé Nast, exposing over 2.3 million WIRED subscriber records. The attacker threatens to release up to 40 ...
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
December 28, 2025
The malicious NPM package ‘Lotusbail’ covertly stole WhatsApp credentials through a backdoor. With more than 56,000 downloads over a six-month period, it emphasized the need ...
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
December 28, 2025
Critical LangChain Core flaw may enable data theft and LLM response manipulation, impacting system security and integrity.
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
December 28, 2025
Kaspersky has attributed a China-linked advanced persistent threat group with a DNS poisoning technique to deploy the MgBot backdoor for cyber espionage in Türkiye, China, ...
Aflac Confirms Data Breach Impacting Over 22 Million Customers
December 28, 2025
A data breach at Aflac has exposed sensitive personal information of over 22 million customers. The company confirmed detecting unusual activities on its systems in ...
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
December 28, 2025
Grubhub customers received deceptive messages, seemingly from a company email, promising tenfold bitcoin returns. This scam misled users into transferring cryptocurrency to a specific wallet.
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
December 28, 2025
Trust Wallet experienced a critical security breach affecting its Google Chrome extension, leading to losses of approximately $7 million. Users are urged to update to ...
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
December 28, 2025
Fortinet has identified ongoing exploitation of the five-year-old FortiOS SSL VPN flaw CVE-2020-12812, revealing it poses significant risks in specific configurations.
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
December 28, 2025
Weak master passwords from 2022's LastPass breach are being exploited to compromise cryptocurrency assets, implicating Russian cybercriminal involvement, according to TRM Labs.
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability
December 28, 2025
CISA has highlighted CVE-2023-52163, a vulnerability in Digiever NVRs, for active exploitation, advising immediate update and security precautions.
Ransomware Attack Disrupts Operations at Romania’s Oltenia Energy Complex During Christmas
OWASP’s Agentic AI Top 10 Highlights Emerging Security Threats
Korean Air Data Breach Exposes Thousands of Employee Records via KC&D Hack
Why Cybersecurity is Critical to Vendor Risk Management
Sax Accounting Firm’s Year-long Investigation Exposes Data Breach Affecting 220,000
Arrest Linked to KMSAuto Malware Campaign That Hit 2.8 Million Systems
Trust Wallet Compromise Results in $7 Million Loss from Crypto Accounts
Ex-Coinbase Support Agent in India Arrested for Involvement in Data Theft
Spotify Disables User Accounts to Combat Massive Data Scraping
Ubisoft’s Rainbow Six Siege Breach Enables Hackers to Exploit Internal Systems
Hackers Breach Condé Nast Systems, Exposing WIRED Subscriber Data
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
LangChain Core Critical Vulnerability: Risks for Data Security and LLM Integrity
Cyber Espionage Campaign Involving a China-Linked APT Utilizing DNS Poisoning
Aflac Confirms Data Breach Impacting Over 22 Million Customers
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Trust Wallet Urges Users to Update Chrome Extension Due to Security Incident
Active Exploitation of FortiOS SSL VPN Vulnerability CVE-2020-12812
Ripple Effects of the 2022 LastPass Data Breach: Cryptocurrency at Stake
CISA Issues Urgent Advisory on Digiever NVRs Due to Known Exploited Vulnerability