Cyber Security
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Syed Arslan
April 23, 2025
Varonis researchers reveal Cookie-Bite, a proof-of-concept Chrome extension attack that steals Azure Entra ID session cookies to bypass MFA and access Microsoft 365 services.
News
SK Telecom Malware Incident Targets USIM Customer Data
Andrew Doyle
April 23, 2025
SK Telecom has disclosed a malware attack that exposed sensitive USIM data, prompting swift containment, investigation, and enhanced security measures for its 34 million subscribers. ...
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley
April 23, 2025
Baltimore City Public Schools confirms 25,000 people were impacted by a February ransomware attack that exposed sensitive employee and student information, including identification documents.
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle
April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
Cybersecurity
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
Mitchell Langley
April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
Cybersecurity
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Gabby Lee
April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
News
Abilene, Texas Shuts Down City Systems Following Cyberattack
Mitchell Langley
April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
News
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
Mitchell Langley
April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
News
Imaflex Inc. Data Breach Exposes Personal and Employment Data
Andrew Doyle
April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Cybersecurity Newsletter
This Week In Cybersecurity: March 3rd to 7th, 2025
Gabby Lee
April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
News
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
Mitchell Langley
April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
News
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
Andrew Doyle
April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
News
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
Mitchell Langley
April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
News
State-Backed Threat Actors Adopt ClickFix Social Engineering in Espionage Campaigns
Andrew Doyle
April 21, 2025
State-backed hackers from North Korea, Iran, and Russia are now using ClickFix, a social engineering method that tricks users into manually executing malware payloads.
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle
April 21, 2025
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting corporate environments through social engineering. ...
News
Critical Security Flaw in Asus AiCloud Routers Prompts Urgent Firmware Update
Mitchell Langley
April 21, 2025
Asus urges immediate firmware updates after a critical security flaw in AiCloud routers is discovered, allowing unauthorized function execution via crafted remote requests.
Cybersecurity Newsletter
This Week In Cybersecurity: 14th April to 18th April
Andrew Doyle
April 18, 2025
Sure! Here's a 25-word excerpt summarizing the entire newsletter: **Widespread service outages, ransomware attacks, zero-day exploits, and data breaches impacted major platforms including Jira, Binance, ...
News
Ahold Delhaize Data Breach Confirmed After INC Ransomware Claims Responsibility
Andrew Doyle
April 18, 2025
Ahold Delhaize confirms data theft from U.S. systems after INC Ransom's cyberattack. Investigation continues as stolen files appear on a dark web extortion site.
News
Legends International Confirms Data Breach Following Cyberattack in November 2024
Mitchell Langley
April 18, 2025
Legends International disclosed a data breach affecting venue visitors and employees after a November 2024 cyberattack. The breach involved unauthorized access and data exfiltration.
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle
April 21, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
Cybersecurity
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Syed Arslan
April 23, 2025
News
Baltimore City Public Schools Data Breach Impacts 25,000 Individuals After Ransomware Attack
Mitchell Langley
April 23, 2025
News
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
Andrew Doyle
April 23, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
Active! Mail Zero-Day RCE Vulnerability Exploited in Ongoing Attacks on Japanese Organizations
April 23, 2025
A zero-day flaw in Active! Mail is under active exploitation in Japan, affecting major providers and exposing data across enterprise, education, and government sectors.
The Second Scam: FBI Warns of IC3 Impersonators Targeting Fraud Victims
April 22, 2025
The FBI has issued a stark warning about a growing scam targeting individuals who’ve already been victimized. In this episode, we unpack how fraudsters are ...
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
April 22, 2025
The Scallywag ad fraud network used WordPress plugins to generate 1.4 billion daily ad requests, monetizing piracy and redirect sites before being dismantled.
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
April 22, 2025
The FBI warns of a scam where criminals impersonate IC3 officials, targeting prior fraud victims with false promises of fund recovery to steal financial information. ...
Abilene, Texas Shuts Down City Systems Following Cyberattack
April 22, 2025
Abilene, Texas has taken key systems offline after a cyberattack. City services are disrupted but emergency response remains intact. Investigation and recovery efforts continue.
Imaflex Inc. Data Breach Exposes Personal and Employment Data
April 22, 2025
Imaflex Inc. Data Breach Exposes Personal and Employment Data: Legal Investigation Underway Imaflex Inc. has disclosed a data breach that exposed sensitive personal and employment-related ...
Google Confirms Sophisticated Phishing Attack Targeting Gmail Users Through DKIM and OAuth Abuse
April 22, 2025
Google confirms a phishing campaign targeting Gmail users that abused DKIM and Google Sites to send spoofed legal requests and steal user credentials undetected.
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
This Week In Cybersecurity: March 3rd to 7th, 2025
April 21, 2025
This Week in Cybersecurity: Data Breaches, Ransomware, Threat Actors, Ransomware Protection and more!
Ransomware Victims on Dark Web – 10th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 04th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 05th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Ransomware Victims on Dark Web – 06th March, 2025
April 21, 2025
This report summarizes recent ransomware attacks across various sectors, detailing the victims, threat actors, and available information on the incidents. Due to the nature of ...
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
April 21, 2025
Secure your Remote Desktop Protocol (RDP) with these essential tips. Learn how to mitigate risks and protect your systems from cyberattacks targeting RDP vulnerabilities.
Attackers Abuse Google OAuth in Sophisticated DKIM Replay Phishing Scheme
April 21, 2025
Attackers exploited Google’s OAuth and DKIM signing process to send phishing emails that appeared authentic, bypassing traditional security checks and targeting unsuspecting recipients.
MGM Resorts to Pay $45 Million in Data Breach Settlement Covering 2019 and 2023 Incidents
April 21, 2025
MGM Resorts will pay $45 million to settle a lawsuit over data breaches in 2019 and 2023, offering up to $75 per affected individual.
State-Backed Threat Actors Adopt ClickFix Social Engineering in Espionage Campaigns
April 21, 2025
State-backed hackers from North Korea, Iran, and Russia are now using ClickFix, a social engineering method that tricks users into manually executing malware payloads.
New Android Malware ‘SuperCard X’ Enables NFC Relay Attacks for Payment Card Theft
April 21, 2025
A new Android malware called SuperCard X enables NFC relay attacks by stealing card data via fake banking support calls and emulating it on attacker ...
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
April 21, 2025
Interlock ransomware operators now use ClickFix attacks with fake IT tools to deploy malware, exfiltrate data, and encrypt systems, targeting corporate environments through social engineering. ...
Critical Security Flaw in Asus AiCloud Routers Prompts Urgent Firmware Update
April 21, 2025
Asus urges immediate firmware updates after a critical security flaw in AiCloud routers is discovered, allowing unauthorized function execution via crafted remote requests.