Cyber Security
Cybersecurity
Critical Vulnerability in JavaScript Cryptography Library Poses Security Risk
A flaw in 'node-forge,' a widely-used cryptography library, allows attackers to craft valid-looking data, bypassing signature verification. Regular updates are recommended for mitigation.
Network Security
ShadowV2 Botnet Malware Exploits IoT Vulnerabilities in D-Link and TP-Link Devices
The ShadowV2, a new Mirai-based botnet, threatens IoT security by exploiting known vulnerabilities in devices from D-Link, TP-Link, and other vendors.
Data Security
Comcast’s $1.5 Million Settlement in Data Breach Incident with FCC
Comcast agrees to pay a $1.5 million fine to the Federal Communications Commission after a data breach by a vendor affected nearly 275,000 customers. The ...
Cybersecurity
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
A U.S. civil engineering firm's security was compromised by RomCom malware in September 2025. Researchers at Arctic Wolf Labs discovered the attack's intricacies, including the ...
Cybersecurity
Second Wave of Shai-Hulud Supply Chain Attack Expands to Maven Ecosystem
The Shai-Hulud supply chain attack has advanced to the Maven ecosystem, compromising over 830 packages in the npm registry. It has now been linked to ...
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
ShadowV2, a Mirai-based botnet, exploited last October's AWS outage to infect IoT devices worldwide. Experts at Fortinet highlight this event as potentially laying the groundwork ...
Cybersecurity
South Korea’s Financial Sector Confronts a Sophisticated Supply Chain Attack
South Korea's financial sector has recently been hit by a sophisticated supply chain attack involving the deployment of Qilin ransomware. The attack showcases a combination ...
Cybersecurity
CodeRED Emergency Alert System Cyberattack Leaves US Regions Vulnerable
CodeRED's emergency alert system in several US towns faces a severe interruption following a cyberattack on its provider. Authorities grapple with communication difficulties amidst a ...
Identity and Access Management
Microsoft Alerts Users About FIDO2 Security Keys PIN Issue After Recent Windows Updates
Recent Windows updates have led to unexpected PIN prompts for users utilizing FIDO2 security keys. Microsoft identifies the issue affecting user sign-in and provides a ...
Cybersecurity
London Councils Face Cyberattack: Resident Data Potentially Compromised
Multiple London councils, including Kensington & Chelsea and Westminster, are grappling with a cyberattack that potentially compromised resident data. Authorities have launched an investigation, notifying ...
Cybersecurity
GSMA Warns of Rising Cybersecurity Costs Amid Fragmented Regulations
As mobile operators face evolving cyber threats, the GSMA emphasizes that fragmented and poorly designed laws increase compliance costs without effectively enhancing network security. By ...
Cybersecurity
Gainsight Data Breach: Company Downplays Impact
Gainsight CEO Chuck Ganapathi addressed a recent security breach involving their app integration with Salesforce, emphasizing that only a limited number of customers were impacted. ...
Cybersecurity
HashJack Attack Unveils a New Cybersecurity Vulnerability
HashJack is a newly discovered threat exploiting AI browser assistants by concealing harmful prompts in URLs, bypassing usual defenses. Cato Networks has labeled this method ...
Cybersecurity
AI Agent Security Firm Vijil Secures $17 Million to Enhance Platform
Vijil has announced securing $17 million to advance its AI-based cybersecurity platform. This funding aims to bolster the resilience and accelerate the deployment of its ...
Cybersecurity
Tor Introduces Counter Galois Onion Encryption for Improved Security
Tor has replaced its existing Tor1 relay encryption algorithm with the new Counter Galois Onion encryption design, offering enhanced security for circuit traffic. The update ...
Cybersecurity
Microsoft Exchange Online Outage: Customer Access Disrupted
Customers using Outlook desktop client face access issues as Microsoft investigates Exchange Online service outage. The disruption affects user experience, specifically for those relying on ...
Data Security
Delta Dental of Virginia Incident Exposes Personal and Health Information
Delta Dental of Virginia experienced a major data breach impacting 146,000 customers. Personal and health data, including Social Security numbers and ID numbers, were compromised ...
Cybersecurity
Vulnerabilities in Fluent Bit Cloud Logging Tool Pose Significant Security Risks
A series of vulnerabilities in Fluent Bit, a widely used open-source log collection tool, has raised significant security concerns. The vulnerabilities have left open doors ...
Data Security
SitusAMC Admits to Data Breach Impacting Client Information
SitusAMC revealed a data breach incident affecting customer data. The company provides services to top banks and lenders, making the event noteworthy for the financial ...
Cybersecurity
Amazon Web Services Confronts Service Failures: What Went Wrong and Lessons Learned
Amazon Web Services (AWS) recently made a groundbreaking move by admitting their mistakes and discontinuing services that failed to meet expectations. Delving into this decision ...
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
TOP CYBERSECURITY HEADLINES
Cybersecurity
ShadowV2 Botnet: A Test Run Amidst AWS Outage
This Week’s Security Spotlight
Data Security
Harvard Experiences Data Breach via Vishing Attack
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
RomCom Malware Exploits SocGholish to Deliver Mythic Agent
A U.S. civil engineering firm's security was compromised by RomCom malware in September 2025. Researchers at Arctic Wolf Labs discovered the attack's intricacies, including the ...
Second Wave of Shai-Hulud Supply Chain Attack Expands to Maven Ecosystem
The Shai-Hulud supply chain attack has advanced to the Maven ecosystem, compromising over 830 packages in the npm registry. It has now been linked to ...
ShadowV2 Botnet: A Test Run Amidst AWS Outage
ShadowV2, a Mirai-based botnet, exploited last October's AWS outage to infect IoT devices worldwide. Experts at Fortinet highlight this event as potentially laying the groundwork ...
South Korea’s Financial Sector Confronts a Sophisticated Supply Chain Attack
South Korea's financial sector has recently been hit by a sophisticated supply chain attack involving the deployment of Qilin ransomware. The attack showcases a combination ...
CodeRED Emergency Alert System Cyberattack Leaves US Regions Vulnerable
CodeRED's emergency alert system in several US towns faces a severe interruption following a cyberattack on its provider. Authorities grapple with communication difficulties amidst a ...
Microsoft Alerts Users About FIDO2 Security Keys PIN Issue After Recent Windows Updates
Recent Windows updates have led to unexpected PIN prompts for users utilizing FIDO2 security keys. Microsoft identifies the issue affecting user sign-in and provides a ...
London Councils Face Cyberattack: Resident Data Potentially Compromised
Multiple London councils, including Kensington & Chelsea and Westminster, are grappling with a cyberattack that potentially compromised resident data. Authorities have launched an investigation, notifying ...
GSMA Warns of Rising Cybersecurity Costs Amid Fragmented Regulations
As mobile operators face evolving cyber threats, the GSMA emphasizes that fragmented and poorly designed laws increase compliance costs without effectively enhancing network security. By ...
Gainsight Data Breach: Company Downplays Impact
Gainsight CEO Chuck Ganapathi addressed a recent security breach involving their app integration with Salesforce, emphasizing that only a limited number of customers were impacted. ...
HashJack Attack Unveils a New Cybersecurity Vulnerability
HashJack is a newly discovered threat exploiting AI browser assistants by concealing harmful prompts in URLs, bypassing usual defenses. Cato Networks has labeled this method ...
AI Agent Security Firm Vijil Secures $17 Million to Enhance Platform
Vijil has announced securing $17 million to advance its AI-based cybersecurity platform. This funding aims to bolster the resilience and accelerate the deployment of its ...
Tor Introduces Counter Galois Onion Encryption for Improved Security
Tor has replaced its existing Tor1 relay encryption algorithm with the new Counter Galois Onion encryption design, offering enhanced security for circuit traffic. The update ...
Microsoft Exchange Online Outage: Customer Access Disrupted
Customers using Outlook desktop client face access issues as Microsoft investigates Exchange Online service outage. The disruption affects user experience, specifically for those relying on ...
Delta Dental of Virginia Incident Exposes Personal and Health Information
Delta Dental of Virginia experienced a major data breach impacting 146,000 customers. Personal and health data, including Social Security numbers and ID numbers, were compromised ...
Vulnerabilities in Fluent Bit Cloud Logging Tool Pose Significant Security Risks
A series of vulnerabilities in Fluent Bit, a widely used open-source log collection tool, has raised significant security concerns. The vulnerabilities have left open doors ...
SitusAMC Admits to Data Breach Impacting Client Information
SitusAMC revealed a data breach incident affecting customer data. The company provides services to top banks and lenders, making the event noteworthy for the financial ...
Amazon Web Services Confronts Service Failures: What Went Wrong and Lessons Learned
Amazon Web Services (AWS) recently made a groundbreaking move by admitting their mistakes and discontinuing services that failed to meet expectations. Delving into this decision ...
Defensive Strategies Against New ClickFix Ransomware Tactics
ClickFix ransomware now employs deceptive Windows Update animations to mislead users. This article explores the ClickFix attack evolution, detection innovations, and proactive user protection strategies ...
ClickFix Attacks Use Poisoned PNG Files to Deliver Malicious Code
A novel ClickFix attack method leverages fake Windows update prompts and malformed PNG files to deploy infostealer malware. This campaign seeks to exploit user trust ...
Harvard Experiences Data Breach via Vishing Attack
Harvard's Alumni Affairs systems fell victim to a sophisticated vishing attack, compromising sensitive data such as emails, phone numbers, and biographical details. This breach highlights ...