Main Menu
Cyber Security
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
The Truth About Identity Attacks: How to Protect Your Business and Data
CISA Warns of Ongoing Cyber Threats to U.S. Oil and Gas Infrastructure
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
The Rising Tide of Supply Chain Cybersecurity Risks in 2025
Fighting AI with AI: Using Artificial Intelligence to Strengthen Enterprise Cybersecurity
27 Million Records Allegedly Leaked from French Retailer Boulanger
13 Cybersecurity Assumptions That Are Getting You Hacked (And What to Do Instead)
Navigating the Complex Intersection of AI and Data Privacy
Cookie-Bite Attack Uses Chrome Extension to Steal Microsoft Session Tokens and Bypass MFA
Ad Fraud Operation ‘Scallywag’ Used WordPress Plugins to Generate 1.4 Billion Daily Ad Requests
FBI Warns of IC3 Impersonation Scam Targeting Victims of Online Fraud
Remote Desktop Protocol (RDP): A Double-Edged Sword for IT Teams
Google Faces £5 Billion UK Antitrust Lawsuit Over Search Advertising Practices
Skyward Specialty Insurance Data Breach Exposes Sensitive Information
Hacker Forum ‘Cracked’ Resurfaces Online After FBI Seizure in Global Cybercrime Operation
Wolters Kluwer Data Breach Claim Raises Alarms Across Fortune 500 Network
Fall River Public Schools Responds to Cybersecurity Breach
COBIT 2019 vs. COBIT 5: What’s New and Why It Matters
The Soaring Cost of Data Breaches for Enterprise Businesses in 2024
ChatGPT is Down Worldwide Impacting Millions
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
10 Key Benefits of Cyber Tabletop Exercises
Network Security in a Digital World: Understanding and Mitigating Risks
WhatsApp Patches Zero-Day Flaw Exploited by Paragon Spyware
The Mirai Botnet: The Infamous DDoS Weapon
Compliance Isn’t Security: Why a Checklist Alone Won’t Stop Cyberattacks
Outsourcing Cybersecurity Could Save Your Company Millions – Here’s How
CISA Warns of Craft CMS Code Injection Flaw
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Mitchell Langley June 3, 2025
The North Face has confirmed a credential stuffing attack in April, exposing customer data including names, addresses, and emails. Payment information remains unaffected.
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Andrew Doyle June 3, 2025
North Dakota-based Nokota Packers has reportedly suffered a ransomware attack by the J Group gang, with hackers claiming to have stolen 50GB of sensitive data. ...
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
News
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Mitchell Langley June 3, 2025
Stormous ransomware gang claims a breach at Volkswagen, but provides no sample data. Researchers find no evidence yet of compromised systems or stolen information.
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
News
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Andrew Doyle June 3, 2025
Cartier has confirmed a cyberattack that exposed limited customer data, including names and email addresses. Sensitive financial and login information was not compromised.
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
News
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Mitchell Langley June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
News
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Mitchell Langley June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Andrew Doyle June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
News
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
Mitchell Langley June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
News
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Andrew Doyle June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
News
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
Mitchell Langley June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
184 Million Login Credentials Exposed in Major Unprotected Database Leak
News
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Andrew Doyle June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Victoria’s Secret Takes Website Offline Following Security Incident
News
Victoria’s Secret Takes Website Offline Following Security Incident
Mitchell Langley May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
News
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
Mitchell Langley May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
News
Russian Nuclear Facility Blueprints Exposed in Massive Security Breach
Andrew Doyle May 30, 2025
Russian nuclear facility blueprints were exposed in a public procurement database, revealing sensitive layouts of missile silos and bunkers tied to Moscow’s nuclear modernization.
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
News
APT41 Exploits Google Calendar for Stealth Malware Control and Data Theft
Mitchell Langley May 30, 2025
Chinese APT41 hackers used Google Calendar to run malware operations and exfiltrate data, exploiting Calendar events for covert command-and-control and stealth communications.
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
News
RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach
Mitchell Langley May 29, 2025
Medusa ransomware claims a 150GB data breach at RE/MAX and demands $200K ransom. Exposed files include agent details, commissions, and internal property documents.
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
News
German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover
Mitchell Langley May 29, 2025
BSI warns of an unpatched flaw in Windows Server 2025 Active Directory that allows domain takeover via dMSA. Microsoft rates it moderate; Germany rates it ...
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
News
1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak
Andrew Doyle May 29, 2025
An exposed Azure storage bucket leaked 1.6 million customer emails from Etsy, TikTok Shop, and others, revealing names, addresses, and order data.
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
News
Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach
Andrew Doyle May 29, 2025
Everest ransomware group claims to have breached Jordan Kuwait Bank, stealing 11.7GB of internal data, including personal employee details, and demanding ransom by May 31. ...
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
News
Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army
Mitchell Langley May 29, 2025
Chaos ransomware has claimed a cyberattack on the Salvation Army, threatening to leak sensitive charity data unless demands are met. Scope and content remain undisclosed. ...
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
News
LockBit Ransomware Gang Breached, Internal Negotiation Data and Affiliate Info Leaked
Andrew Doyle May 12, 2025
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Cybersecurity
Play Ransomware Exploited Windows Logging Vulnerability in Zero-Day Attacks
Syed Arslan May 8, 2025
Ransomware Victims on Dark Web – 04th March, 2025
Ransomware
Ransomware Victims on Dark Web – 04th March, 2025
Gabby Lee April 21, 2025
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
News
Interlock Ransomware Gang Deploys ClickFix Attacks Using Fake IT Tools to Compromise Networks
Andrew Doyle April 21, 2025

TOP CYBERSECURITY HEADLINES

Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
News
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
News
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
News
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
News
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks

SECURITYWEEK INDUSTRY EXPERTS

The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
News
The North Face Discloses April Credential Stuffing Attack Impacting Customer Accounts
Mitchell Langley June 3, 2025
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
News
Nokota Packers Targeted in Ransomware Attack by Emerging J Group Gang
Andrew Doyle June 3, 2025
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
News
Stormous Ransomware Gang Claims Volkswagen Hack Without Proof
Mitchell Langley June 3, 2025
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
News
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Andrew Doyle June 3, 2025
More In News
Trending
What is a Whaling Phishing Attack?
Phishing Attacks on the Rise: Businesses Face Growing Cyberthreat
Email Spoofing 101: Understanding the Basics and How to Protect Your Enterprise Data
How AI is Revolutionizing Phishing Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
June 3, 2025
Podcasts
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
June 3, 2025
Podcasts
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
June 2, 2025

Cyber Security News

Quantum Hacking Is Coming How to Prepare with Post-Quantum Security Today
Blog
Quantum Hacking Is Coming: How to Prepare with Post-Quantum Security Today
May 22, 2025
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
Cybersecurity
Interlock Ransomware Suspected in Kettering Health System-Wide Outage
May 22, 2025
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
Cybersecurity
RVTools Supply Chain Attack Delivered Bumblebee Malware via Trojanized Installer
May 21, 2025
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
Cybersecurity
Chinese Hackers Exploiting SAP NetWeaver Servers via Zero-Day Vulnerability
May 12, 2025
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
Cybersecurity
iClicker Website Compromised in ClickFix Malware Attack Targeting Students and Faculty
May 12, 2025
The Truth About Identity Attacks How to Protect Your Business and Data
Blog
The Truth About Identity Attacks: How to Protect Your Business and Data
May 8, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Threat Actors
  • Threat Detection Tools
  • Uncategorized
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
June 3, 2025
In this episode, we dissect Google’s recent and upcoming decisions to distrust several Certificate Authorities (CAs) within the Chrome Root Store, including Entrust, Chunghwa Telecom, ...
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
June 3, 2025
Two critical, actively exploited vulnerabilities in vBulletin forum software—CVE-2025-48827 and CVE-2025-48828—have put thousands of websites at immediate risk of full system compromise. In this episode, ...
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
June 3, 2025
In this episode, we dissect the JINX-0132 cryptojacking campaign — a real-world example of how threat actors are exploiting cloud and DevOps environments to mine ...
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
June 3, 2025
Cartier has confirmed a cyberattack that exposed limited customer data, including names and email addresses. Sensitive financial and login information was not compromised.
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
June 3, 2025
The Russian Market has surged in popularity as a major cybercrime marketplace, offering stolen credentials harvested by info-stealer malware like Lumma and Acreed.
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
June 2, 2025
Recent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting legitimate services like ...
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
June 2, 2025
In this episode, we unpack two newly disclosed Linux vulnerabilities—CVE-2025-5054 and CVE-2025-4598—discovered by the Qualys Threat Research Unit (TRU). These race condition flaws impact Ubuntu’s ...
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
June 2, 2025
In this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test and fine-tune ...
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
June 1, 2025
Kaiser Permanente suffered a major network outage that disrupted electronic health records and patient services across the U.S. System functionality was restored the following day. ...
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
June 1, 2025
Latrodectus malware infected over 44,000 IP addresses before Operation Endgame's global takedown, with Shadowserver warning of critical ongoing threats across infected systems.
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
June 1, 2025
Germany has named Vitaly Kovalev, aka "Stern," as the leader of the Conti ransomware and TrickBot gangs in a major breakthrough tied to Operation Endgame. ...
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
June 1, 2025
Exploit details for a critical Cisco IOS XE Wireless LAN Controller vulnerability (CVE-2025-20188) are now public, raising urgent concerns about remote code execution risks.
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
June 1, 2025
Two critical vBulletin vulnerabilities, actively exploited in the wild, allow attackers to execute code remotely by abusing template logic and PHP’s Reflection API.
184 Million Login Credentials Exposed in Major Unprotected Database Leak
June 1, 2025
Over 184 million login credentials were exposed online in plain text, revealing widespread negligence in data protection and the growing threat of credential-based cyberattacks.
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
May 30, 2025
In this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went ...
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
May 30, 2025
ConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to ...
Unbound Raises $4M to Secure Generative AI in the Enterprise
May 30, 2025
In this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in ...
This Week In Cybersecurity: 26th to 30th May, 2025
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
Victoria’s Secret Takes Website Offline Following Security Incident
May 30, 2025
Victoria’s Secret temporarily disabled its website and limited in-store services to address a cybersecurity incident. Third-party experts have been engaged; stores remain open.
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages
May 30, 2025
An exposed Unimed server leaked over 14 million private patient-doctor messages, including medical data, documents, and IDs—posing major cybersecurity and privacy risks.
Google Chrome vs. Failing CAs: The Policy Behind the Distrust
CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized
JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker
Cartier Confirms Customer Data Exposure Following Cybersecurity Breach
Russian Market Becomes Leading Hub for Stolen Credentials from Info-Stealer Malware
Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How
Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598
Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool
Kaiser Permanente Recovers from Widespread Network Outage That Disrupted Patient Services Nationwide
Latrodectus Malware Infected Over 44,000 IPs Before Operation Endgame Takedown
Germany Identifies TrickBot and Conti Ransomware Ringleader as Vitaly Kovalev
Cisco IOS XE Wireless LAN Controller Vulnerability Exposes Enterprises to Remote Code Execution Risks
Remote Code Execution Flaw in vBulletin Forum Software Under Active Exploitation
184 Million Login Credentials Exposed in Major Unprotected Database Leak
Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers
ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect
Unbound Raises $4M to Secure Generative AI in the Enterprise
This Week In Cybersecurity: 26th to 30th May, 2025
Victoria’s Secret Takes Website Offline Following Security Incident
Unimed Data Leak Exposes 14 Million Sensitive Patient-Doctor Messages