Cyber Security
News
U.S. and Indonesian Authorities Dismantle the Global Phishing Platform “W3LL”
The FBI and Indonesian authorities have dismantled the global phishing platform "W3LL" and arrested its alleged creator in the first joint enforcement...
News
Phony Root Certificate Scheme Puts Open Source Developers at Risk
Cyber attackers use Google-hosted pages to trick open source developers with fake credentials and take control.
Cybersecurity
Information Theft Revolutionized: No Local Decryption in This Security Threat
Storm infostealer bypasses local decryption in browsers, hijacks sessions and passwords.
Application Security
Booking.com Confirms Unauthorized Access Compromising User Data
Unauthorized access at Booking.com exposes user and reservation data, raising cybersecurity concerns.
Application Security
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
Examination of allegations linking LinkedIn's browser extension to corporate espionage conducted by Microsoft.
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
OpenAI confronts potential compromise of macOS code signing certificate due to North Korean-linked Axios supply chain attack.
Cybersecurity
Juniper Networks Addresses Critical Junos OS Vulnerabilities
Remote exploitation of Junos OS flaw could lead to device takeover.
Application Security
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
New Zig dropper in GlassWorm campaign targets IDEs, posing threats to developers.
News
LucidRook Malware Targets Taiwanese Universities and NGOs
Exploration of LucidRook, a Lua-based malware targeting NGOs and universities in Taiwan linked to UAT-10362.
Cybersecurity
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Public views are invited on radiofrequency jammers to help shape laws targeting cybercrime devices.
Cybersecurity
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
Discover how $100 million in AI resources are being deployed to detect critical vulnerabilities in open source software through Project Glasswing.
Application Security
AI Browser Extensions Pose a Hidden Risk to Network Security
Exploring the overlooked risks AI browser extensions pose to network security.
Application Security
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Marimo faces a severe RCE vulnerability allowing credential theft. Immediate action is crucial.
Cybersecurity
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Hackers have infiltrated Venice's crucial San Marco flood defenses, revealing vulnerabilities in operational technology.
CVE Vulnerability Alerts
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Adobe releases emergency patches to fix a critical flaw in Acrobat Reader actively exploited in the wild, CVE-2026-34621.
Application Security
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
New malicious npm packages, deceptive LNK files, and compromised servers illustrate evolving malware tactics.
Cybersecurity
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
U.S. cybersecurity agencies warn of Iran-linked APTs exploiting exposed Rockwell PLCs, urging swift disconnection.
Application Security
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Threat actors compromised the CPUID site for less than 24 hours, deploying a remote access trojan.
Cybersecurity
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Atomic Stealer malware targets macOS users, using Script Editor in campaigns exploiting ClickFix attack variations.
Cybersecurity
Chaos Malware Expands Its Reach to Cloud Deployments
Chaos malware is now targeting misconfigured cloud systems, moving beyond just routers and edge gear.
TOP CYBERSECURITY HEADLINES
Application Security
Booking.com Confirms Unauthorized Access Compromising User Data
Application Security
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
This Week’s Security Spotlight
Application Security
OpenAI Responds to Supply Chain Attack Affecting macOS Security
Application Security
New Bypass Technique Bypasses Apple’s AI Safeguards
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Booking.com Confirms Unauthorized Access Compromising User Data
Unauthorized access at Booking.com exposes user and reservation data, raising cybersecurity concerns.
LinkedIn’s Browser Extension Draws Corporate Espionage Allegations
Examination of allegations linking LinkedIn's browser extension to corporate espionage conducted by Microsoft.
OpenAI Responds to Supply Chain Attack Affecting macOS Security
OpenAI confronts potential compromise of macOS code signing certificate due to North Korean-linked Axios supply chain attack.
Juniper Networks Addresses Critical Junos OS Vulnerabilities
Remote exploitation of Junos OS flaw could lead to device takeover.
GlassWorm Campaign Deploys New Zig Dropper to Target Developer IDEs
New Zig dropper in GlassWorm campaign targets IDEs, posing threats to developers.
LucidRook Malware Targets Taiwanese Universities and NGOs
Exploration of LucidRook, a Lua-based malware targeting NGOs and universities in Taiwan linked to UAT-10362.
UK Government Seeks Public Input on Radiofrequency Jammers to Shape Upcoming Legislation
Public views are invited on radiofrequency jammers to help shape laws targeting cybercrime devices.
$100 Million AI Initiative Targets Hidden Vulnerabilities in Open Source Software
Discover how $100 million in AI resources are being deployed to detect critical vulnerabilities in open source software through Project Glasswing.
AI Browser Extensions Pose a Hidden Risk to Network Security
Exploring the overlooked risks AI browser extensions pose to network security.
Critical Marimo Vulnerability Is Now Being Actively Exploited for Credential Theft
Marimo faces a severe RCE vulnerability allowing credential theft. Immediate action is crucial.
Cybercriminals Target Venice’s Flood Control Systems, Exposing Dangerous Gaps in Urban Security
Hackers have infiltrated Venice's crucial San Marco flood defenses, revealing vulnerabilities in operational technology.
Adobe Addresses Critical Flaw in Acrobat Reader with Emergency Updates
Adobe releases emergency patches to fix a critical flaw in Acrobat Reader actively exploited in the wild, CVE-2026-34621.
Emerging Threats in Malware: Recent Developments in Software Vulnerabilities
New malicious npm packages, deceptive LNK files, and compromised servers illustrate evolving malware tactics.
U.S. Cybersecurity Agencies Warn of Rising Threats From Exposed Rockwell Automation PLCs
U.S. cybersecurity agencies warn of Iran-linked APTs exploiting exposed Rockwell PLCs, urging swift disconnection.
CPUID Website Was Briefly Compromised to Spread Remote Access Trojan
Threat actors compromised the CPUID site for less than 24 hours, deploying a remote access trojan.
Atomic Stealer Exploits Script Editor in a New Attack Targeting macOS Users
Atomic Stealer malware targets macOS users, using Script Editor in campaigns exploiting ClickFix attack variations.
Chaos Malware Expands Its Reach to Cloud Deployments
Chaos malware is now targeting misconfigured cloud systems, moving beyond just routers and edge gear.
APT28 Deploys PRISMEX Malware Against Ukraine and Its Allies
Russian APT28 exploits spear-phishing in Ukraine with a novel malware, PRISMEX, harnessing advanced steganography and COM hijacking.
Seven Vulnerabilities Patched in OpenSSL, Several Enabling DoS Attacks
OpenSSL patches seven vulnerabilities, with several posing serious Denial of Service attack risks alongside a notable data leakage flaw.
U.S. Agencies Given Four Days to Patch Critical Ivanti EPMM Vulnerability
CISA mandates U.S. agencies to patch critical Ivanti EPMM vulnerability within four days as active exploitation continues.