Cyber Security
Cybersecurity
Echo Secures $35 Million Series A Funding to Advance Cybersecurity Tools
In a strategic move to enhance its cybersecurity platform, Echo has successfully raised $35 million in Series A funding. This milestone comes shortly after its ...
Cybersecurity
Verisoul Secures $8.8 Million to Enhance Fraud Prevention Technology
Verisoul has successfully raised $8.8 million in a bid to strengthen its fraud prevention technology. The funding will help enhance product development, boost go-to-market strategies, ...
News
Askul Ransomware Attack Leads to Compromise of 700,000 Records
The e-commerce and logistics firm Askul was targeted by RansomHouse in October, resulting in a data breach impacting 700,000 records, raising cybersecurity concerns.
Endpoint Security
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
News
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
Cybersecurity
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Closed CISO (Chief Information Security Officer) communities serve as pivotal platforms for secure information exchange, guidance, and support, providing a pressure-free environment away from critical ...
Cybersecurity
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
News
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguising as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...
Cybersecurity
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Amazon's Threat Intelligence team successfully disabled operations related to Russian GRU hackers, focusing on customer cloud infrastructure security and thwarting espionage attempts.
Blog
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
Explore how speed-driven development introduces new third-party risks. Understand how threat actors exploit vulnerabilities in open source libraries and AI-driven tools.
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
A cryptocurrency mining campaign targets AWS customers by exploiting stolen Identity and Access Management credentials. Detected by Amazon's GuardDuty, the attack uses novel persistence techniques ...
Cybersecurity
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
A cybercriminal's holiday dream, SantaStealer, a new information-stealing malware, promises undetected operation on systems of high-profile targets, advertised on Telegram for $175 monthly.
Data Security
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
The Texas Attorney General has taken legal action against five major television manufacturers, alleging violation of data privacy. The lawsuit accuses these companies of using ...
Cybersecurity
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
The European Central Bank's (ECB) 2022 postponement of a new messaging standard forced the Bank of England to delay its payment system launch, incurring £23 ...
Information Security
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
The August cyber raid on Jaguar Land Rover (JLR) had a dual impact, crippling factory operations and resulting in the theft of sensitive employee payroll ...
Application Security
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability, is becoming ...
CVE Vulnerability Alerts
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
CVE Vulnerability Alerts
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
Data Security
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
700Credit, a prominent fintech company, reports a significant data breach where sensitive information of 5.8 million individuals has been compromised.
Application Security
Google Chrome Extension With Millions of Users May Be Compromising Privacy
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered into AI chatbots. The extension ...
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Identity and Access Management
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Understanding Ransomware Attacks on Hypervisors: A Growing Threat
Ransomware groups target hypervisors to encrypt many virtual machines simultaneously, exploiting vulnerabilities in virtualized environments. Organizations must understand this evolving threat to protect their digital ...
Russian Hackers Shift Focus Toward Exploiting Misconfigurations
State-sponsored Russian threat actors are now targeting misconfigurations in critical infrastructure, moving away from zero-day vulnerabilities. This shift represents a significant change in their strategies ...
CISO Communities Provide a Tactical Edge for Cybersecurity Challenges
Closed CISO (Chief Information Security Officer) communities serve as pivotal platforms for secure information exchange, guidance, and support, providing a pressure-free environment away from critical ...
PDVSA’s Recent Cyberattack Reveals Vulnerabilities in Export Operations
PDVSA, Venezuela's state-owned oil giant, faced a severe cyberattack disrupting export operations over the weekend. The attack highlights vulnerabilities in the company's cybersecurity infrastructure, casting ...
Cryptocurrency Wallet Stealer Found in Malicious NuGet Package Typo
Researchers revealed a NuGet package, "Tracer.Fody.NLog," disguising as a popular .NET library, which concealed a cryptocurrency wallet stealer. Initially published in 2020, it remained undetected ...
Amazon’s Operation Disrupts GRU Hackers Targeting Cloud Infrastructure
Amazon's Threat Intelligence team successfully disabled operations related to Russian GRU hackers, focusing on customer cloud infrastructure security and thwarting espionage attempts.
From Open Source to OpenAI: Navigating the Evolution of Third-Party Risks
Explore how speed-driven development introduces new third-party risks. Understand how threat actors exploit vulnerabilities in open source libraries and AI-driven tools.
AWS Customers Targeted in Cryptocurrency Mining Campaign Using Stolen IAM Credentials
A cryptocurrency mining campaign targets AWS customers by exploiting stolen Identity and Access Management credentials. Detected by Amazon's GuardDuty, the attack uses novel persistence techniques ...
All I Want for Christmas is All of Your Data: SantaStealer Malware Spreads for the Holidays
A cybercriminal's holiday dream, SantaStealer, a new information-stealing malware, promises undetected operation on systems of high-profile targets, advertised on Telegram for $175 monthly.
Texas Attorney General Sues Television Giants Over Data Privacy Concerns
The Texas Attorney General has taken legal action against five major television manufacturers, alleging violation of data privacy. The lawsuit accuses these companies of using ...
ECB Decision Causes Costly Delays for Bank of England’s Payment System Overhaul
The European Central Bank's (ECB) 2022 postponement of a new messaging standard forced the Bank of England to delay its payment system launch, incurring £23 ...
Cyber Raid on Jaguar Land Rover: August Attack Leads to Theft of Sensitive Information
The August cyber raid on Jaguar Land Rover (JLR) had a dual impact, crippling factory operations and resulting in the theft of sensitive employee payroll ...
Google Finds China and Iran Actors Exploiting React2Shell Flaws
Google has reported exploitation of the React2Shell vulnerability by five Chinese threat actor groups and Iranian operatives, aiming to deliver malware. This vulnerability, is becoming ...
Atlassian Publishes Security Patches for Critical Vulnerabilities in Multiple Products
Atlassian has released security updates targeting multiple vulnerabilities, including critical-severity issues in products like Apache Tika. One major flaw is an XML External Entity (XXE) ...
FreePBX Critical Vulnerability Enables Potential Authentication Bypass
FreePBX, an open-source private branch exchange (PBX) platform, has multiple security vulnerabilities. A critical flaw (CVE-2025-61675) allows authentication bypass under certain configurations.
700Credit Data Breach Exposes Sensitive Information of 5.8 Million Individuals
700Credit, a prominent fintech company, reports a significant data breach where sensitive information of 5.8 million individuals has been compromised.
Google Chrome Extension With Millions of Users May Be Compromising Privacy
The Urban VPN Proxy, trusted by over 6 million users on Google Chrome, is suspected of covertly harvesting data entered into AI chatbots. The extension ...
Phishing Attacks in 2026: Evolution Beyond Email and Its Implications
In 2025, phishing threats evolved beyond traditional email to include social platforms, browser-based attacks, and malicious search ads. Security teams must now grapple with emerging ...
Militant Groups Experiment With AI, Amplifying Threats
Extremist groups are leveraging AI technologies to enhance their propaganda efforts, according to recent insights. This trend points to a growing challenge in cybersecurity as ...
SoundCloud’s VPN Restrictions Lead to Access Denials for Users
Users attempting to access SoundCloud via VPN connections are encountering a 403 forbidden error, resulting in blocked access to the audio streaming platform. This issue ...