Main Menu
Cyber Security
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
Axonius Identities Review 2025: Unified IAM, Governance & Security
11 Types of Social Engineering Attacks and How to Prevent Them
Cain and Abel: The Classic Cybersecurity Tool for Password Recovery and Network Testing
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Friends of NRA Posts Mailing List Online, Exposing Nearly 10,000 Supporter Records
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
Medusa Ransomware Claims Comcast Data Haul; $1.2M Extortion Demand Posted
Spacecom Breach Claims Questioned Amid Hacktivist Group’s Bold Assertions
Asahi Group Suspends Operations After Cyberattack Disrupts Japanese Headquarters
WestJet Notifies U.S. Travelers After June Data Breach
Microsoft Warns of New XCSSET macOS Malware Variant Targeting Xcode Devs
Maryland Department of Transportation Confirms Data Loss in Rhysida Ransomware Attack
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack
Texas Compliance Vendor Exposes 40K+ Sensitive DOT Records in S3 Leak
ICO Fines U.K. Energy Firms £550K for Unlawful Robo Marketing Calls
UK Arrests Suspect in Ransomware Attack That Disrupted European Airports
Dark Web Monitoring Guide for CISOs: Turning Shadows into Signals
Legislative Shifts in Cybersecurity: Analyzing the Impact of EU and UK Cyber Laws
Cisco ASA 5500-X Devices Under Attack: U.S. CISA Issues Emergency Directive
Teen Suspect in Scattered Spider Casino Hacks Allegedly Holds $1.8M Bitcoin
AI-Driven Zero-Day Attacks: Preparing for the Autonomous Cyber Threat Era
Black Arrow Cyber Threat Intelligence Briefing: Analyzing Emerging Attack Vectors
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
Brickstorm Backdoor Used Espionage Campaign Against U.S. Tech
GitHub Notifications Abused to Impersonate Y Combinator for Crypto Theft
Interpol Operation HAECHI VI Recovers $439 Million From Global Cybercrime Networks
China Mandates 1-Hour Cybersecurity Incident Reporting Under New CAC Rules
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
Cybersecurity
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
Andrew Doyle October 2, 2025
WestJet confirmed a June cyberattack exposed passports, IDs, and travel records of 1.2 million customers. The airline is notifying victims and offering two years of ...
Sendit Sued by FTC for Alleged Illegal Collection of Children’s Data
Cybersecurity
Sendit Sued by FTC for Alleged Illegal Collection of Children’s Data
Mitchell Langley October 2, 2025
The FTC referred a complaint alleging Sendit collected children’s personal data without parental consent and used deceptive subscription practices, prompting a DoJ referral and potential ...
China Tightens Cyber Rules, Forcing One-Hour Reporting for Major Incidents
Cybersecurity
China Tightens Cyber Rules, Forcing One-Hour Reporting for Major Incidents
Syed Arslan October 2, 2025
China’s Cyberspace Administration will require operators to report major cyber incidents within 60 minutes, or 30 minutes for severe events, with penalties for concealment or ...
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Cybersecurity
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Gabby Lee October 2, 2025
Klopatra, disguised as an IPTV/VPN app, uses Accessibility abuse and a black-screen VNC to capture credentials and remotely drain over 3,000 Android devices across Europe.
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
Cybersecurity
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
Andrew Doyle October 2, 2025
Allianz Life confirmed a July CRM compromise exposed names, addresses, dates of birth and Social Security numbers for 1,497,036 people and offered two years of ...
Axonius Identities Review 2025 Unified IAM, Governance & Security
Identity and Access Management
Axonius Identities Review 2025: Unified IAM, Governance & Security
Mitchell Langley October 1, 2025
Axonius Identities delivers unified identity governance, lifecycle automation, and identity security posture for both human and non-human identities across complex enterprise environments, with actionable policy ...
11 Types of Social Engineering Attacks and How to Prevent Them
Blog
11 Types of Social Engineering Attacks and How to Prevent Them
Andrew Doyle October 1, 2025
This detailed guide explores eleven prevalent social engineering attack types, explaining their mechanisms and offering practical preventative measures for individuals and organizations. Understand the psychology ...
Cain and Abel The Classic Cybersecurity Tool for Password Recovery and Network Testing
Application Security
Cain and Abel: The Classic Cybersecurity Tool for Password Recovery and Network Testing
Andrew Doyle October 1, 2025
Cain and Abel is a powerful password recovery and penetration testing tool. Learn its features, uses, risks, and best practices for ethical cybersecurity operations.
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Cybersecurity
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Andrew Doyle October 1, 2025
The UK guaranteed £1.5bn to stabilise JLR after a major cyberattack; phased restart underway as forensic work, supplier relief and insurance clarity continue.
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Cybersecurity
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Mitchell Langley September 30, 2025
A third-party compromise exposed 430,000 Harrods customer records; names, contacts and marketing tags were leaked—customers should expect increased phishing risk and follow protective guidance.
Friends of NRA Posts Mailing List Online, Exposing Nearly 10,000 Supporter Records
Cybersecurity
Friends of NRA Posts Mailing List Online, Exposing Nearly 10,000 Supporter Records
Gabby Lee September 30, 2025
A 2018 Friends of NRA mailing list containing nearly 10,000 names and addresses was indexed publicly; removal, compliance assessment, and data-handling reforms are now urgent ...
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
Application Security
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
Andrew Doyle September 30, 2025
Enable Kernel-mode Hardware-enforced Stack Protection in Windows 11
Medusa Ransomware Claims Comcast Data Haul; $1.2M Extortion Demand Posted
Cybersecurity
Medusa Ransomware Claims Comcast Data Haul; $1.2M Extortion Demand Posted
Mitchell Langley September 30, 2025
Medusa claims 834.4GB exfiltration from Comcast and demands $1.2M; companies should preserve evidence, hunt IOCs, validate backups, and coordinate with CISA/FBI guidance.
Spacecom Breach Claims Questioned Amid Hacktivist Group’s Bold Assertions
Cybersecurity
Spacecom Breach Claims Questioned Amid Hacktivist Group’s Bold Assertions
Gabby Lee September 30, 2025
Hacktivist group Handala claimed a major Spacecom breach, but researchers found limited evidence. Analysts warn of social engineering risks and rising hacktivist campaigns targeting critical ...
Asahi Group Suspends Operations After Cyberattack Disrupts Japanese Headquarters
Cybersecurity
Asahi Group Suspends Operations After Cyberattack Disrupts Japanese Headquarters
Andrew Doyle September 30, 2025
Asahi has suspended orders, shipments and customer services in Japan after a cyberattack; investigation continues into whether systems were encrypted or sensitive data were exfiltrated.
WestJet Notifies U.S. Travelers After June Data Breach
Cybersecurity
WestJet Notifies U.S. Travelers After June Data Breach
Gabby Lee September 30, 2025
WestJet warns some passenger and loyalty data were accessed in a June intrusion; travelers should monitor accounts, enable MFA, and watch for phishing or identity-fraud ...
Microsoft Warns of New XCSSET macOS Malware Variant Targeting Xcode Devs
Application Security
Microsoft Warns of New XCSSET macOS Malware Variant Targeting Xcode Devs
Andrew Doyle September 30, 2025
Microsoft detects a new XCSSET variant targeting Xcode projects with clipboard hijacking, Firefox data theft, and LaunchDaemon persistence—inspect builds, patch systems, and harden CI pipelines.
Maryland Department of Transportation Confirms Data Loss in Rhysida Ransomware Attack
Cybersecurity
Maryland Department of Transportation Confirms Data Loss in Rhysida Ransomware Attack
Mitchell Langley September 30, 2025
Rhysida claims to have stolen MDOT employee IDs and background checks and demands 30 BTC; MDOT confirms data loss while investigators and responders work to ...
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack
Cybersecurity
Co-Op Reports $107 Million Loss After Scattered Spider Cyberattack
Gabby Lee September 30, 2025
The Co-operative Group has disclosed over $100 million in profit losses from the April 2025 Scattered Spider cyberattack. The breach caused £206 million in lost ...
Texas Compliance Vendor Exposes 40K+ Sensitive DOT Records in S3 Leak
Cybersecurity
Texas Compliance Vendor Exposes 40K+ Sensitive DOT Records in S3 Leak
Andrew Doyle September 30, 2025
Misconfigured S3 storage exposed 18,000 Social Security cards and 23,000 driver licenses tied to AJT Compliance’s DOT SHIELD, putting Texas truckers at high risk of ...
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
Cybersecurity
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
Andrew Doyle October 2, 2025
11 Types of Social Engineering Attacks and How to Prevent Them
Blog
11 Types of Social Engineering Attacks and How to Prevent Them
Andrew Doyle October 1, 2025
Clarins Listed by Everest Ransomware Gang on Dark Web Post
Cybersecurity
Clarins Listed by Everest Ransomware Gang on Dark Web Post
Mitchell Langley September 23, 2025
Maryland’s Paratransit Ransomware Strike Cyberattack Disrupts Disabled Transit Services
News
Maryland’s Paratransit Ransomware Strike: Cyberattack Disrupts Disabled Transit Services
Mitchell Langley September 2, 2025

TOP CYBERSECURITY HEADLINES

Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Cybersecurity
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
Cybersecurity
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Cybersecurity
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Cybersecurity
Harrods Suffers New Data Breach Exposing 430,000 Customer Records

This Week’s Security Spotlight

Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Cybersecurity
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Mitchell Langley September 30, 2025
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
Cybersecurity
Congress Struggles to Renew Cyber Threat Sharing Act Amid Rising Cybersecurity Concerns
Mitchell Langley September 25, 2025
VMScape Attack Bypasses Hypervisor Isolation on AMD and Intel CPUs
Cybersecurity
VMScape Attack Bypasses Hypervisor Isolation on AMD and Intel CPUs
Mitchell Langley September 23, 2025
UK Arrests Scattered Spider Teens Linked to TfL Cyberattack
Cybersecurity
UK Arrests Scattered Spider Teens Linked to TfL Cyberattack
Andrew Doyle September 23, 2025
More In News
Trending
UpCrypter Phishing Campaign Exploits Fake Emails to Deliver RAT Payloads
Deepfake Vishing Incidents Surge by 170% in Q2 2025
ClickFix Phishing Campaign Targets Booking.com Using Infostealers and RATs
Darcula PhaaS 3.0 Auto-Generates Phishing Kits for Any Brand

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Broadcom Patches VMware Zero-Day: CVE-2025-41244 Exploited by China-Linked UNC5174
October 1, 2025
Podcasts
Seven Years, £5.5 Billion, 128,000 Victims – The Case of Yadi Zhang
October 1, 2025
Podcasts
Cisco ASA/FTD Flaws Under Siege: 50,000 Devices at Risk from Active Exploits
October 1, 2025

Cyber Security News

WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
Cybersecurity
WestJet Data Breach Exposes Passports and IDs for 1.2 Million Customers
October 2, 2025
Sendit Sued by FTC for Alleged Illegal Collection of Children’s Data
Cybersecurity
Sendit Sued by FTC for Alleged Illegal Collection of Children’s Data
October 2, 2025
China Tightens Cyber Rules, Forcing One-Hour Reporting for Major Incidents
Cybersecurity
China Tightens Cyber Rules, Forcing One-Hour Reporting for Major Incidents
October 2, 2025
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Cybersecurity
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
October 2, 2025
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
Cybersecurity
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
October 2, 2025
Axonius Identities Review 2025 Unified IAM, Governance & Security
Identity and Access Management
Axonius Identities Review 2025: Unified IAM, Governance & Security
October 1, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Detection Tools
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
October 2, 2025
Klopatra, disguised as an IPTV/VPN app, uses Accessibility abuse and a black-screen VNC to capture credentials and remotely drain over 3,000 Android devices across Europe.
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
October 2, 2025
Allianz Life confirmed a July CRM compromise exposed names, addresses, dates of birth and Social Security numbers for 1,497,036 people and offered two years of ...
FTC vs. Sendit: Lawsuit Alleges Data Theft, Fake Messages, and Subscription Traps
October 1, 2025
The Federal Trade Commission (FTC) has filed a high-profile lawsuit against Sendit, a social media companion app popular among teenagers, and its CEO. The case ...
Broadcom Patches VMware Zero-Day: CVE-2025-41244 Exploited by China-Linked UNC5174
October 1, 2025
Broadcom has released a critical security update addressing six vulnerabilities across VMware products, including four rated high-severity. At the center of the update is CVE-2025-41244, ...
Seven Years, £5.5 Billion, 128,000 Victims – The Case of Yadi Zhang
October 1, 2025
In a historic case that has captured global attention, UK authorities have secured a conviction against Zhimin Qian (also known as Yadi Zhang), the Chinese ...
Axonius Identities Review 2025: Unified IAM, Governance & Security
October 1, 2025
Axonius Identities delivers unified identity governance, lifecycle automation, and identity security posture for both human and non-human identities across complex enterprise environments, with actionable policy ...
11 Types of Social Engineering Attacks and How to Prevent Them
October 1, 2025
This detailed guide explores eleven prevalent social engineering attack types, explaining their mechanisms and offering practical preventative measures for individuals and organizations. Understand the psychology ...
Cisco ASA/FTD Flaws Under Siege: 50,000 Devices at Risk from Active Exploits
October 1, 2025
Two newly disclosed critical vulnerabilities—CVE-2025-20333 and CVE-2025-20362—are wreaking havoc across the global cybersecurity landscape, with nearly 50,000 Cisco ASA and FTD appliances actively under threat. ...
Cain and Abel: The Classic Cybersecurity Tool for Password Recovery and Network Testing
October 1, 2025
Cain and Abel is a powerful password recovery and penetration testing tool. Learn its features, uses, risks, and best practices for ethical cybersecurity operations.
MatrixPDF: The New Phishing Toolkit That Turns Safe PDFs into Cyber Weapons
October 1, 2025
A new cybercrime toolkit called MatrixPDF is changing the phishing landscape by weaponizing one of the most trusted file formats: PDFs. Marketed on cybercrime forums ...
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
October 1, 2025
The UK guaranteed £1.5bn to stabilise JLR after a major cyberattack; phased restart underway as forensic work, supplier relief and insurance clarity continue.
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
September 30, 2025
A third-party compromise exposed 430,000 Harrods customer records; names, contacts and marketing tags were leaked—customers should expect increased phishing risk and follow protective guidance.
Friends of NRA Posts Mailing List Online, Exposing Nearly 10,000 Supporter Records
September 30, 2025
A 2018 Friends of NRA mailing list containing nearly 10,000 names and addresses was indexed publicly; removal, compliance assessment, and data-handling reforms are now urgent ...
Asahi Brewery Cyberattack Halts Domestic Operations Across Japan
September 30, 2025
Asahi Group Holdings, Ltd.—the brewer behind some of the world’s most iconic beers, including Peroni and Grolsch—has been hit by a crippling cyberattack that froze ...
Akira Ransomware Exploits SonicWall Flaw with Record-Breaking Speed
September 30, 2025
The Akira ransomware group has once again raised the stakes in cybercrime by exploiting a critical SonicWall vulnerability—CVE-2024-40766—to infiltrate corporate networks through SSL VPN accounts, ...
Ex-Hacktivist “Sabu” Backs SafeHill’s $2.6M Bet on Continuous Threat Management
September 30, 2025
A new cybersecurity startup with an infamous name attached is making headlines. SafeHill—formerly known as Tacticly—has secured $2.6 million in pre-seed funding to accelerate the ...
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
September 30, 2025
Enable Kernel-mode Hardware-enforced Stack Protection in Windows 11
Medusa Ransomware Claims Comcast Data Haul; $1.2M Extortion Demand Posted
September 30, 2025
Medusa claims 834.4GB exfiltration from Comcast and demands $1.2M; companies should preserve evidence, hunt IOCs, validate backups, and coordinate with CISA/FBI guidance.
Spacecom Breach Claims Questioned Amid Hacktivist Group’s Bold Assertions
September 30, 2025
Hacktivist group Handala claimed a major Spacecom breach, but researchers found limited evidence. Analysts warn of social engineering risks and rising hacktivist campaigns targeting critical ...
Asahi Group Suspends Operations After Cyberattack Disrupts Japanese Headquarters
September 30, 2025
Asahi has suspended orders, shipments and customer services in Japan after a cyberattack; investigation continues into whether systems were encrypted or sensitive data were exfiltrated.
Klopatra Android RAT Masquerades as IPTV and VPN App, Drains Banking Devices across Europe
Allianz Life Confirms July Breach Exposed SSNs for Nearly 1.5 Million People
FTC vs. Sendit: Lawsuit Alleges Data Theft, Fake Messages, and Subscription Traps
Broadcom Patches VMware Zero-Day: CVE-2025-41244 Exploited by China-Linked UNC5174
Seven Years, £5.5 Billion, 128,000 Victims – The Case of Yadi Zhang
Axonius Identities Review 2025: Unified IAM, Governance & Security
11 Types of Social Engineering Attacks and How to Prevent Them
Cisco ASA/FTD Flaws Under Siege: 50,000 Devices at Risk from Active Exploits
Cain and Abel: The Classic Cybersecurity Tool for Password Recovery and Network Testing
MatrixPDF: The New Phishing Toolkit That Turns Safe PDFs into Cyber Weapons
UK Government Backs Jaguar Land Rover With £1.5 Billion Loan Guarantee After Cyberattack
Harrods Suffers New Data Breach Exposing 430,000 Customer Records
Friends of NRA Posts Mailing List Online, Exposing Nearly 10,000 Supporter Records
Asahi Brewery Cyberattack Halts Domestic Operations Across Japan
Akira Ransomware Exploits SonicWall Flaw with Record-Breaking Speed
Ex-Hacktivist “Sabu” Backs SafeHill’s $2.6M Bet on Continuous Threat Management
How to Enable Kernel-mode Hardware-Enforced Stack Protection in Windows 11
Medusa Ransomware Claims Comcast Data Haul; $1.2M Extortion Demand Posted
Spacecom Breach Claims Questioned Amid Hacktivist Group’s Bold Assertions
Asahi Group Suspends Operations After Cyberattack Disrupts Japanese Headquarters