Cyber Security
Cybersecurity
Apple Warns Users of Sophisticated Spyware Attacks Across Multiple Countries
Apple has warned users in over 150 countries of mercenary spyware attacks using zero-days and zero-click exploits, urging Lockdown Mode and emergency security assistance.
Cybersecurity
Microsoft to Roll Out Built-In Link Warnings for Teams Chats
Microsoft will roll out real-time malicious link warnings for Teams chats in September 2025, adding another security layer to protect enterprise users from phishing and ...
Cybersecurity
National Cyber Director Pushes for Aggressive Cyber Strategy to Shift Risk to Adversaries
National Cyber Director Sean Cairncross calls for a unified cyber strategy, urging CISA 2015 reauthorization, IT modernization, and stronger deterrence measures to shift risk onto ...
Cybersecurity
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Cybersecurity
Temu Fined $2 Million for INFORM Consumers Act Violations
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
Cybersecurity
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 ...
Cybersecurity
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
Cybersecurity
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
Cybersecurity
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Cybersecurity
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
External Attack Surface Management gives CISOs continuous visibility into internet-facing assets, prioritizes risks by context, and enables proactive remediation—shrinking exposure before attackers exploit vulnerabilities.
Cybersecurity
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
A major security breach at Salesloft has compromised sensitive information from more than 700 companies, marking one of the largest ...
Cybersecurity
U.S. Charges Ukrainian National for Administering Ransomware
The U.S. charged Ukrainian national Volodymyr Tymoshchuk for administering LockerGoga, MegaCortex, and Nefilim ransomware, linked to hundreds of corporate breaches and millions in damages worldwide.
Cybersecurity
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Cybersecurity
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
Cybersecurity
China Is Blurring the Lines Between Civilian AI and Military Power
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...
Cybersecurity
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Rose Acre Farms, America’s second-largest egg producer, was allegedly hit by Lynx ransomware, with attackers claiming encrypted data in a breach that threatens food supply ...
Cybersecurity
Lovesac Confirms Data Breach Following Ransomware Attack
Lovesac confirmed a ransomware-linked data breach impacting personal information. Attackers accessed systems in February 2025, with stolen data linked to the RansomHub ransomware group’s extortion ...
Cybersecurity
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
The GhostAction supply chain attack on GitHub compromised 3,325 secrets, including npm, PyPI, AWS, and GitHub tokens, after attackers injected malicious workflows into 817 repositories.
Cybersecurity
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
Qantas Airways reduced CEO Vanessa Hudson’s pay by $250,000 following a July cyber attack that exposed 4.5 million customer records, reflecting leadership accountability and strengthened ...
Cybersecurity
This Week In Cybersecurity: September 1–5, 2025
News Stories Jaguar Land Rover Cyberattack Severely Disrupts Production Systems Taken Offline Jaguar Land Rover halted operations after a cyberattack ...
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Cybersecurity
This Week In Cybersecurity: September 1–5, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Detection Tools
U.S. Sanctions Southeast Asian Cybercrime Networks That Stole $10 Billion from Americans
The U.S. Treasury sanctioned 19 Southeast Asian cybercrime networks tied to forced labor, trafficking, and scams that stole over $10 billion from Americans in 2024.
Temu Fined $2 Million for INFORM Consumers Act Violations
Temu will pay $2 million to settle FTC and DoJ claims it violated the INFORM Consumers Act by failing to disclose seller details and suspicious ...
Threat Actor Upgrades Docker API Attacks, Moves Toward Botnet Development
Attackers targeting exposed Docker APIs have upgraded their tools, enabling persistent access, lateral movement, and self-replication—laying the groundwork for a potential large-scale botnet campaign.
NSW Health Data Breach Exposes Personal and Professional Records Of Nearly 600 Doctors
A major data privacy lapse has rattled the New South Wales (NSW) health system after confidential records of nearly 600 medical staff — including 67 ...
Wealthsimple Data Breach Exposes Government IDs in Third-Party Attack
Wealthsimple confirmed a third-party data breach exposing account numbers, government IDs, and SINs of 30,000 clients. No funds stolen, but identity theft risks remain significant.
Dynatrace Confirms Customer Data Exposure in Salesforce Supply Chain Breach
Dynatrace confirmed customer data exposure in the Salesforce supply chain breach via Salesloft Drift, joining Cloudflare, Google, and others hit by the Scattered LapSus$ Hunters ...
External Attack Surface Management: CISO’s Guide to Mitigating Risk Before It Strikes
External Attack Surface Management gives CISOs continuous visibility into internet-facing assets, prioritizes risks by context, and enables proactive remediation—shrinking exposure before attackers exploit vulnerabilities.
Salesloft Data Breach Exposes 700 Companies Through OAuth Token Attack
A major security breach at Salesloft has compromised sensitive information from more than 700 companies, marking one of the largest enterprise incidents linked to OAuth ...
U.S. Charges Ukrainian National for Administering Ransomware
The U.S. charged Ukrainian national Volodymyr Tymoshchuk for administering LockerGoga, MegaCortex, and Nefilim ransomware, linked to hundreds of corporate breaches and millions in damages worldwide.
Doctors Outraged After NSW Health Department Leaks Personal and Professional Data
NSW Health exposed passports, medical credentials, and IDs of nearly 600 doctors, sparking outrage and raising serious risks of identity theft, fraud, and professional impersonation.
Salt Typhoon Breach Exposes U.S. Telecom Wiretap Systems
Chinese-linked APT group Salt Typhoon infiltrated major U.S. telecom providers in 2024, compromising surveillance systems and metadata from millions of users. The breach exposed lawful ...
China Is Blurring the Lines Between Civilian AI and Military Power
China is merging civilian AI with military applications. Everyday tools like drones and voice apps are being leveraged by the PLA, according to a CSET ...
Rose Acre Farms Targeted in Alleged Lynx Ransomware Attack
Rose Acre Farms, America’s second-largest egg producer, was allegedly hit by Lynx ransomware, with attackers claiming encrypted data in a breach that threatens food supply ...
Lovesac Confirms Data Breach Following Ransomware Attack
Lovesac confirmed a ransomware-linked data breach impacting personal information. Attackers accessed systems in February 2025, with stolen data linked to the RansomHub ransomware group’s extortion ...
GhostAction Supply Chain Attack on GitHub Exposes 3,325 Secrets
The GhostAction supply chain attack on GitHub compromised 3,325 secrets, including npm, PyPI, AWS, and GitHub tokens, after attackers injected malicious workflows into 817 repositories.
Qantas Airways Reduces CEO’s Bonus Following July Data Breach
Qantas Airways reduced CEO Vanessa Hudson’s pay by $250,000 following a July cyber attack that exposed 4.5 million customer records, reflecting leadership accountability and strengthened ...
The “s1ngularity” Attack: How Hackers Hijacked Nx and Leaked Thousands of Repositories
In late August 2025, the open-source software ecosystem was rocked by a sophisticated two-phase supply chain attack, now known as “s1ngularity.” The incident began when ...
Canadian Investment Giant Wealthsimple Hit by Vendor Compromise
Wealthsimple, one of Canada’s largest online investment platforms, has confirmed a data breach that exposed the sensitive information of fewer than 1% of its three ...
FireCompass Raises $20M to Scale AI-Powered Offensive Security
In a year when cybercrime is projected to cost the world over $10.5 trillion, FireCompass has emerged as one of the most closely watched AI-driven ...
CVE-2025-42957: Active Exploits Target SAP S/4HANA Systems
A newly uncovered critical vulnerability, tracked as CVE-2025-42957, is sending shockwaves through the enterprise technology world. Affecting all SAP S/4HANA deployments, both on-premise and in ...