Main Menu
Cyber Security
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Kimwolf Botnet: A New Threat to Millions of Android Devices
Ledger Breach Due to Global-e Attack Compromises Customer Data
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Trump Orders Emcore to Divest Chip Manufacturing Assets
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Adobe ColdFusion Cyberattacks Surge During Holiday Period
British Security Researcher Earns Australia’s Prestigious Visa for Vulnerability Discovery
Ongoing Cryptocurrency Thefts Linked to 2022 LastPass Breach
Netflix Documentary Could Explore Crypto Crime: Part 2 Potential
OFAC Lifts Sanctions on Individuals Linked to Predator Spyware Consortium
Disney Agrees to $10 Million Settlement for COPPA Violations
New Variant of Shai Hulud Malware Found in npm Registry
Unleash Protocol Experiences a $3.9 Million Cryptocurrency Loss
European Space Agency Confirms Breach Impacting Servers with Unclassified Engineering Data
‘Zoom Stealer’ Puts Millions at Risk via Web Extensions on Major Browsers
Critical Vulnerability in SmarterTools SmarterMail Poses Severe Cybersecurity Risk
CISA Orders Federal Agencies to Patch Critical MongoDB Vulnerability Called MongoBleed
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
How Artificial Intelligence is Being Integrated into Security Operations
Mustang Panda’s Novel Kernel-Mode Rootkit Used in Mid-2025 Cyber Attack Analysis
Coupang to Distribute $1.17 Billion in Vouchers Following Data Breach
Renewed Exploitation of FortiOS Two-Factor Authentication Bypass
Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
Andrew Doyle January 7, 2026
Generative AI is revolutionizing password attacks on Active Directory, utilizing advanced algorithms to exploit weak passwords. Specops Software highlights how AI-driven techniques are increasing the ...
Phishers Pose as Booking.com to Compromise European Hotels
News
Phishers Pose as Booking.com to Compromise European Hotels
Mitchell Langley January 7, 2026
In a newly identified cybersecurity threat, attackers are imitating Booking.com to infiltrate European hotels. Employees are manipulated into installing malware under the guise of handling ...
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
News
Researchers Trap Scattered Lapsus$ Hunters in Honeypot
Gabby Lee January 7, 2026
In an effort to better understand new hacking techniques, researchers have deployed honeypots—a deceptive cybersecurity strategy—to lure attackers from the Scattered Lapsus$ group. These controlled ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Andrew Doyle January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Mitchell Langley January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Gabby Lee January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Andrew Doyle January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Mitchell Langley January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Cybersecurity
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Mitchell Langley January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet A New Threat to Millions of Android Devices
Cybersecurity
Kimwolf Botnet: A New Threat to Millions of Android Devices
Gabby Lee January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Application Security
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Gabby Lee January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
News
Cybersecurity Operation Snares Former ShinyHunters Member
Andrew Doyle January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Andrew Doyle January 6, 2026
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Cybersecurity
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
Mitchell Langley January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Cybersecurity
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
Andrew Doyle January 5, 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters' Strategic Use of Decoy Accounts in Cyber Espionage
News
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
Mitchell Langley January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
Cybersecurity
Trump Orders Emcore to Divest Chip Manufacturing Assets
Andrew Doyle January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Cybersecurity
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Mitchell Langley January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
Andrew Doyle January 7, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Ledger Breach Due to Global-e Attack Compromises Customer Data
Data Security
Ledger Breach Due to Global-e Attack Compromises Customer Data
Andrew Doyle January 6, 2026
Gavin Webb's Role in the Takedown of LockBit Ransomware
News
Gavin Webb’s Role in the Takedown of LockBit Ransomware
Gabby Lee January 5, 2026

TOP CYBERSECURITY HEADLINES

Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability

This Week’s Security Spotlight

Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Data Security
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Andrew Doyle January 6, 2026
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Information Security
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
Gabby Lee January 6, 2026
A Record Year Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Cybersecurity
A Record Year: Cybersecurity Acquisitions in 2025 Surpass $84 Billion
Andrew Doyle December 31, 2025
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Application Security
Malicious NPM Package ‘Lotusbail’ Targets WhatsApp Credentials
Gabby Lee December 28, 2025
More In News
Trending
Grubhub Users Face Sophisticated Phishing Scam Promising Bitcoin Payouts
Feds Seize Database Targeting $28 Million Bank Account Theft
Arrests in Nigeria Reveal Cyberattack Links to Raccoon0365 and Microsoft 365
Phishing Attacks by Operation ForumTroll in Russia: A Closer Look at October 2025 Campaign

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Generative AI Elevates Active Directory Password Attacks
Identity and Access Management
Generative AI Elevates Active Directory Password Attacks
January 7, 2026
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Cybersecurity
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
January 7, 2026
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Application Security
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
January 7, 2026
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
Cybersecurity
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
Endpoint Security
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
Application Security
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
January 7, 2026
A critical flaw in TOTOLINK EX200 allows remote attackers full control. Tracked as CVE-2025-65606, the vulnerability presents significant risks for users.
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
January 7, 2026
Cybersecurity experts have discovered browser extensions that secretly exfiltrate conversations and browsing activities from ChatGPT and DeepSeek, exposing users to potential data compromises. Over 900,000 ...
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
January 6, 2026
Google's latest Android security patch addresses the critical Dolby audio decoder vulnerability, CVE-2025-54957, originally discovered in October 2025. The issue was initially resolved in December ...
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
January 6, 2026
Threat actors have been exploiting a command injection vulnerability identified in out-of-support D-Link DSL router models. The flaw allows remote execution of malicious commands, compromising ...
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
January 6, 2026
NordVPN denied allegations of a breach on its Salesforce development servers, clarifying that the accessed data was from a third-party test platform's dummy data.
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
January 6, 2026
The CISA KEV catalog now logs 1,484 vulnerabilities, after adding 24 new entries tied to ransomware exploits, signaling significant cybersecurity challenges.
Kimwolf Botnet: A New Threat to Millions of Android Devices
January 6, 2026
The Kimwolf botnet has infected more than 2 million Android devices, using residential proxy networks to evade detection. Researchers warn its tactics mirror the Aisuru ...
Ledger Breach Due to Global-e Attack Compromises Customer Data
January 6, 2026
Ledger informs about data breach from Global-e compromise, affecting customer information and highlighting third-party vulnerabilities.
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
January 6, 2026
Russia-aligned threat actor UAC-0184 employs Viber messaging platform, delivering malicious ZIP archives aimed at the Ukrainian military and government sectors, marking persistent intelligence activities in ...
Cybersecurity Operation Snares Former ShinyHunters Member
January 6, 2026
The Scattered Lapsus$ Hunters were caught in a cybersecurity sting, resulting in a subpoena for a former ShinyHunters member accused of data theft.
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
January 6, 2026
Hackers have targeted a file transfer system used by Sedgwick’s government-focused subsidiary. This breach raises concerns about the security of sensitive data managed by government ...
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
January 6, 2026
A substantial data breach at Brightspeed has been claimed by the hacking group Crimson Collective. They assert responsibility for stealing personal information from over one ...
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
January 6, 2026
The Trump administration has lifted sanctions on three individuals linked to the Intellexa spyware consortium. This consortium is associated with the Predator surveillance tool, leading ...
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
January 5, 2026
AI agents are anticipated to become a notable insider threat by 2026, requiring firms to modify their security strategies, as a report from Palo Alto ...
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
January 5, 2026
In September 2025, a significant development in the realm of cyber threats emerged with the activities of a hacker group known as the “ShinyHunters” or ...
Trump Orders Emcore to Divest Chip Manufacturing Assets
January 5, 2026
President Trump's recent decision mandates Emcore Corp. to divest its computer chip operation, underscoring a calculated effort to protect U.S. security interests. This article examines ...
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
January 5, 2026
The French authorities have launched an investigation into AI-generated sexually explicit deepfakes that altered images of hundreds of women and teenagers. Utilizing an AI tool ...
Adobe ColdFusion Cyberattacks Surge During Holiday Period
January 5, 2026
GreyNoise detected a significant surge in attack attempts targeting Adobe ColdFusion vulnerabilities over Christmas 2025, revealing a coordinated effort exploiting multiple vulnerabilities in ColdFusion servers.
Phishing Campaign Targets Users with Google Cloud Application Exploitation
January 5, 2026
Recent phishing operations exploit Google Cloud Application Integration, sending fake Google emails that deceive users into trusting malicious messages.
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes
January 5, 2026
Ryan Goldberg and Kevin Martin, two American cybersecurity professionals, have confessed to being affiliates of the notorious BlackCat/Alphv ransomware group. This revelation poses significant implications ...
Unpatched Vulnerability in TOTOLINK EX200 Puts Devices at Risk
Chrome Extensions Compromise Privacy by Exfiltrating ChatGPT and DeepSeek Conversations
Android’s January 2026 Update Patches Critical Dolby Audio Decoder Vulnerability
D-Link Routers Face New Threat as Attackers Exploit Legacy Vulnerability
NordVPN Denies Salesforce Server Breach Claims, Clarifying Access to Dummy Data
CISA Expands Catalog to Include New Vulnerabilities Exploited by Ransomware Groups
Kimwolf Botnet: A New Threat to Millions of Android Devices
Ledger Breach Due to Global-e Attack Compromises Customer Data
Russia-Aligned Threat Actor UAC-0184 Utilizes Viber to Target Ukrainian Military and Government
Cybersecurity Operation Snares Former ShinyHunters Member
Sedgwick Breach Raises Concerns Over Security of Government Data Transfers
Brightspeed Experiences Large-Scale Data Breach Claimed by Crimson Collective
The Trump Administration Lifts Sanctions With Implications for Spyware Distribution
AI Agents Emerge as a Significant Challenge for Cybersecurity by 2026
ShinyHunters’ Strategic Use of Decoy Accounts in Cyber Espionage
Trump Orders Emcore to Divest Chip Manufacturing Assets
France Probes AI-Generated Sexual Deepfakes Targeting Women and Teens
Adobe ColdFusion Cyberattacks Surge During Holiday Period
Phishing Campaign Targets Users with Google Cloud Application Exploitation
Two US Cybersecurity Professionals Admit Guilt in Ransomware Schemes