Main Menu
Cyber Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
Emergency WSUS Patch Breaks Hotpatching Function for Windows Server 2025 Systems
SleepyDuck Malware Poses Supply Chain Threat Through Fake VS Code Extension
How Device Code Phishing Abuses OAuth Flows on Google and Azure
Balancer Protocol Breached in $128 Million Attack on DeFi Pools
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Indian Government Issues High-Severity Warning for Google Chrome Users
South Korea’s Telecom Giants Grapple With Cyber Breaches and Executive Shakeups
Proton Warns of 300 Million Stolen Credentials Fueling Global Data Breach Crisis
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Open VSX Access Tokens Leaked, Allowing Malicious Extensions in Supply Chain Threat
Bronze Butler Exploited Zero-Day in Motex Lanscope to Deploy Gokcpdoor Malware
Google’s AI-Powered Search Signals the Return of Ads: What it Means for Security and Strategy
Reputation.com Data Leak Exposes 120 Million Internal Logs Containing Customer Session Data
Hackers Claim Breach of Viz Media Executive Account, Exfiltrating 250GB of Corporate Data
Russian Police Arrest Teenagers Behind Meduza Infostealer Operation
CISA and NSA Issue Joint Guidance to Secure Microsoft Exchange Servers
Former L3Harris Executive Admits to Selling Classified Cybersecurity Data to Russian Exploit Dealer
WhatsApp Enhances Security With Passkey-Enforced Encrypted Chat Backups
Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
Andrew Doyle November 6, 2025
A global survey found 82 percent of large financial-services organisations reported a data breach or leak in the past year, signalling pervasive cyber-risk across the ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
News
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
Mitchell Langley November 6, 2025
The U.S. Treasury has sanctioned eight North Korea-linked individuals and entities accused of laundering funds from cyberattacks to finance Pyongyang’s weapons programs. The move targets ...
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Gabby Lee November 6, 2025
Microsoft has added a new web-based feature to the Microsoft Store that lets users create a single installer for multiple apps. The enhancement simplifies deployments, ...
Malware Learns to Think Google Warns of AI-Powered Evasive Techniques
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Andrew Doyle November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
News
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Mitchell Langley November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Gabby Lee November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CVE Vulnerability Alerts
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
Mitchell Langley November 6, 2025
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Gabby Lee November 6, 2025
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Cybersecurity
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Gabby Lee November 6, 2025
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Cybersecurity
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
Andrew Doyle November 6, 2025
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
SquareX Named SINET16 Innovator for Browser Detection and Response
News
SquareX Named SINET16 Innovator for Browser Detection and Response
Gabby Lee November 5, 2025
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been ...
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
News
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Gabby Lee November 5, 2025
Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates to evade detection and appear ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Cybersecurity
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Andrew Doyle November 5, 2025
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Application Security
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Gabby Lee November 5, 2025
A zero-day flaw in the Post SMTP WordPress plugin—installed on over 400,000 sites—is under active exploitation, allowing attackers to hijack admin accounts via a misconfigured ...
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Mitchell Langley November 4, 2025
Zscaler has uncovered a massive Android malware campaign distributing malicious apps through Google Play, amassing over 40 million downloads. The apps, posing as legitimate tools, ...
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Application Security
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Andrew Doyle November 4, 2025
Google’s November 2025 Android security bulletin fixes a critical remote code execution flaw in the Android System component that could allow network-based compromise without user ...
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
Data Security
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
Mitchell Langley November 4, 2025
Sweden’s privacy watchdog has launched a GDPR investigation into Miljödata after a major breach exposed sensitive health and employment records of 1.5 million people. The ...
Europol Busts €600M Crypto Fraud and Laundering Network
News
Europol Busts €600M Crypto Fraud and Laundering Network
Andrew Doyle November 4, 2025
Europol has arrested nine suspects accused of running a €600 million cryptocurrency fraud and laundering network spanning multiple countries. The operation, coordinated across Spain and ...
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Application Security
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Gabby Lee November 4, 2025
Microsoft will retire Defender Application Guard for Office beginning February 2026, with full end-of-support by December 2027. The move marks a strategic shift toward cloud-based ...
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
News
U.S. Sanctions North Korean Financial Network Over Cybercrime-Funded Weapons Program
Mitchell Langley November 6, 2025
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Apache Disputes Akira Ransomware Claims Against OpenOffice Project
News
Apache Disputes Akira Ransomware Claims Against OpenOffice Project
Mitchell Langley November 4, 2025
Conti Ransomware Associate Oleksii Lytvynenko Charged After U.S. Extradition
News
Conti Ransomware Associate Oleksii Lytvynenko Charged After U.S. Extradition
Andrew Doyle November 2, 2025

TOP CYBERSECURITY HEADLINES

Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
News
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CVE Vulnerability Alerts
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw

This Week’s Security Spotlight

Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Gabby Lee November 6, 2025
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Application Security
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Mitchell Langley November 4, 2025
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Application Security
OpenAI Assistants API Abused in New Malware Campaign Leveraging Covert C2 Channel
Gabby Lee November 3, 2025
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Data Security
University of Pennsylvania Data Breach Exposes 1.2 Million Donor Records
Andrew Doyle November 2, 2025
More In News
Trending
CoPhish Exploit via Microsoft Copilot: OAuth Token Theft Exposes Trusted Domains
Moroccan Cybercriminals Employ Advanced Deception to Steal Gift Cards
11 Types of Social Engineering Attacks and How to Prevent Them
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Cybersecurity
82 Percent of Financial-Services Organizations Suffered a Data Breach in the Last Year
November 6, 2025
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
Application Security
Microsoft Store Adds Multi-App Install Support for Easier Windows 11 Deployments
November 6, 2025
Malware Learns to Think Google Warns of AI-Powered Evasive Techniques
Cybersecurity
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
November 6, 2025
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
Data Security
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
November 6, 2025
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
Application Security
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
Information Security
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
November 6, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
November 6, 2025
Google has uncovered AI-driven malware capable of mutating its code during execution, evading traditional detection tools. By embedding machine learning models directly into payloads, attackers ...
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
November 6, 2025
The Gootloader malware gang has resurfaced after months of inactivity, reviving its signature SEO poisoning attacks. By manipulating search results to distribute malicious downloads through ...
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
November 6, 2025
Hyundai AutoEver America is now investigating a data breach that led to unauthorized access to sensitive personal information belonging to employees and contractors. The automotive ...
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
November 6, 2025
SonicWall has attributed its 2023 security breach to a suspected state-sponsored APT group that accessed firewall configuration backups. While no personal data was exposed, the ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
November 6, 2025
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
November 6, 2025
The U.K. is launching a nationwide crackdown on phone scams as major mobile carriers partner with GCHQ to deploy anti-spoofing technology that blocks fake U.K. ...
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
November 6, 2025
ALT5 Sigma Corp has sued a former consultant for unauthorized data access, citing potential operational harm and reinforcing insider threat management as a key governance ...
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
November 6, 2025
Il Manifesto exposed millions of user logs and subscriber emails through an unsecured database, revealing politically sensitive reader data and analytics without password protection or ...
SquareX Named SINET16 Innovator for Browser Detection and Response
November 5, 2025
PALO ALTO, Calif., November 5, SquareX, a pioneer in the Browser Detection and Response (BDR) space, announced it has been named a SINET16 Innovator for ...
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
November 5, 2025
Rhysida ransomware is spreading malware via malicious Bing ads targeting Microsoft Teams, Zoom, and PuTTY users while abusing code-signing certificates to evade detection and appear ...
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
November 5, 2025
Russian hackers used Hyper-V to deploy a hidden Linux VM hosting custom malware, bypassing typical endpoint detection and enabling stealthy long-term access in target networks.
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
November 5, 2025
A zero-day flaw in the Post SMTP WordPress plugin—installed on over 400,000 sites—is under active exploitation, allowing attackers to hijack admin accounts via a misconfigured ...
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
November 4, 2025
Zscaler has uncovered a massive Android malware campaign distributing malicious apps through Google Play, amassing over 40 million downloads. The apps, posing as legitimate tools, ...
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
November 4, 2025
Google’s November 2025 Android security bulletin fixes a critical remote code execution flaw in the Android System component that could allow network-based compromise without user ...
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
November 4, 2025
Sweden’s privacy watchdog has launched a GDPR investigation into Miljödata after a major breach exposed sensitive health and employment records of 1.5 million people. The ...
Europol Busts €600M Crypto Fraud and Laundering Network
November 4, 2025
Europol has arrested nine suspects accused of running a €600 million cryptocurrency fraud and laundering network spanning multiple countries. The operation, coordinated across Spain and ...
Microsoft Plans to Retire Defender Application Guard for Office by 2027
November 4, 2025
Microsoft will retire Defender Application Guard for Office beginning February 2026, with full end-of-support by December 2027. The move marks a strategic shift toward cloud-based ...
Apache Disputes Akira Ransomware Claims Against OpenOffice Project
November 4, 2025
The Apache Software Foundation has denied claims by the Akira ransomware gang that it breached the Apache OpenOffice project and stole 23GB of data. ASF’s ...
Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
November 4, 2025
Japanese media giant Nikkei has disclosed a Slack data breach exposing personal information of over 17,000 employees and partners. The incident, discovered in October 2023 ...
Critical React Native NPM Vulnerability Enables Cross-Platform Command Execution
November 4, 2025
A critical flaw in a popular React Native NPM package, CVE-2025-11953, enables arbitrary code execution on Windows, macOS, and Linux, threatening CI/CD pipelines.
Malware Learns to Think: Google Warns of AI-Powered Evasive Techniques
Gootloader Resurfaces After Hiatus, Leveraging SEO Poisoning to Spread Malware
Hyundai AutoEver America Data Breach Exposes Employee and Contractor PII
SonicWall Traces 2023 Breach to State-Linked Threat Group Targeting Firewalls
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
U.K. Mobile Carriers to Block Number Spoofing in Major Anti-Fraud Network Upgrade
ALT5 Sigma Pursues Legal Action Following Insider Data Breach
Italian Newspaper Il Manifesto Exposes Reader Data in Massive Database Leak
SquareX Named SINET16 Innovator for Browser Detection and Response
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Russian Hackers Exploit Hyper-V to Hide Malware in Linux Virtual Machines
Attackers Exploit Critical Plugin Flaw to Hijack Admin Access on 400,000+ WordPress Sites
Malicious Android Apps Garner 40 Million Downloads on Google Play, Zscaler Finds
Google’s November 2025 Android Security Update Fixes Critical Remote Code Execution Flaw
Swedish Privacy Regulator Launches Investigation Into Miljödata Cyberattack
Europol Busts €600M Crypto Fraud and Laundering Network
Microsoft Plans to Retire Defender Application Guard for Office by 2027
Apache Disputes Akira Ransomware Claims Against OpenOffice Project
Nikkei Slack Breach Exposes 17,000 Employees’ and Partners’ Data
Critical React Native NPM Vulnerability Enables Cross-Platform Command Execution