Cyber Security
Cybersecurity
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders for espionage.
Application Security
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.
Application Security
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
AppEsteem found a Monero cryptominer bundled inside Hola Browser's Windows installer, hidden as a Windows service and excluded from Windows Defender scanning.
Cybersecurity
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Russia's Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
Cybersecurity
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Play ransomware posted four US victims in a single day: a food processing manufacturer, a law firm, a religious organization, and a manufacturing company.
Cybersecurity
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Akira ransomware posted National Standard Parts Associates and Northern Ohio Regional MLS, threatening 53 GB of employee records, contracts, and financial data.
Cybersecurity
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
Qilin ransomware posted Avcon Jet, SKUPINA Don Don, and Trican in a three-country sweep targeting private aviation, food retail, and Canadian oilfield services.
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group exceeds 330 victims in 2026.
Cybersecurity
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
WorldLeaks claimed CH Karnchang, Thailand's major infrastructure builder, and United Auto Supply in a pure data extortion operation with no file encryption.
Cybersecurity
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
The Supreme Court ruled 8-1 to uphold FCC authority to fine AT&T and Verizon for selling subscriber GPS location data to third parties without consent.
Cybersecurity
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
The FTC opened a public comment period on X Corp's petition to set aside the $150 million Twitter privacy consent decree, with public comments due ...
CVE Vulnerability Alerts
CISA Orders Patch for Linux Container Escape CVE-2022-0492
CISA added the Linux kernel CVE-2022-0492 container escape flaw to the KEV catalog, confirming active exploitation with a three-day federal patch deadline.
Application Security
CISA Flags Magento RCE CVE-2026-45247; 150K Stores Exposed
CISA added CVE-2026-45247 to its KEV catalog, confirming active exploitation of a CVSS 9.8 Magento RCE flaw that threatens 150,000 e-commerce stores worldwide.
Cybersecurity
CISA, FBI, NSA, DOE Warn of Active Attacks on Fuel Tank Monitors
CISA, FBI, NSA, and DOE warned of active attacks on internet-exposed fuel tank monitoring systems via authentication bypass and command injection techniques.
Cybersecurity
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
OFAC sanctioned Nobitex and three companion Iranian crypto exchanges for facilitating IRGC transactions and converting ransomware proceeds into usable funds.
Application Security
Burst Statistics CVE-2026-8181 Under Mass Exploitation
CVE-2026-8181 in Burst Statistics for WordPress is under mass exploitation, with Wordfence blocking 7,400 daily attempts against over 200,000 affected sites.
CVE Vulnerability Alerts
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Gergo Pap disclosed CVE-2026-49200 and CVE-2026-49201 in Acer Wave 7 routers, enabling credential theft and backdoor access with no patch until end of month.
Application Security
Public PoC Released for Cisco Unified CM SSRF Bug
Cisco confirmed public PoC code for CVE-2026-20230, a Unified CM SSRF enabling unauthenticated file writes and potential root access on enterprise systems.
Cybersecurity
TheGentlemen and Genesis Ransomware Hit Two US Clinics
TheGentlemen ransomware claimed Michigan Surgical Center while Genesis targeted Family Medical Associates of Raleigh, exposing PHI to double-extortion pressure.
Cybersecurity
CISA Faces $700M More Cuts as Mullin Signals Restructure
DHS Secretary Mullin testified CISA will target 2,800 employees and face 700 million more in budget cuts, with a new Senate-confirmed director to be nominated.
TOP CYBERSECURITY HEADLINES
This Week’s Security Spotlight
Cybersecurity
CISA to Issue Binding AI Security Directive This Week
Application Security
Fake Claude Code Installers on Google Sites Steal AI API Keys
Application Security
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Russia's Supreme Court will consider designating Belarusian Cyber Partisans and Silent Crow as extremist groups following the 2025 Aeroflot cyberattack.
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Play ransomware posted four US victims in a single day: a food processing manufacturer, a law firm, a religious organization, and a manufacturing company.
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Akira ransomware posted National Standard Parts Associates and Northern Ohio Regional MLS, threatening 53 GB of employee records, contracts, and financial data.
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
Qilin ransomware posted Avcon Jet, SKUPINA Don Don, and Trican in a three-country sweep targeting private aviation, food retail, and Canadian oilfield services.
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
TheGentlemen ransomware struck Saudi Arabia, India, Thailand, and Portugal in one day, including a first GCC target, as the group exceeds 330 victims in 2026.
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
WorldLeaks claimed CH Karnchang, Thailand's major infrastructure builder, and United Auto Supply in a pure data extortion operation with no file encryption.
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
The Supreme Court ruled 8-1 to uphold FCC authority to fine AT&T and Verizon for selling subscriber GPS location data to third parties without consent.
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
The FTC opened a public comment period on X Corp's petition to set aside the $150 million Twitter privacy consent decree, with public comments due ...
CISA Orders Patch for Linux Container Escape CVE-2022-0492
CISA added the Linux kernel CVE-2022-0492 container escape flaw to the KEV catalog, confirming active exploitation with a three-day federal patch deadline.
CISA Flags Magento RCE CVE-2026-45247; 150K Stores Exposed
CISA added CVE-2026-45247 to its KEV catalog, confirming active exploitation of a CVSS 9.8 Magento RCE flaw that threatens 150,000 e-commerce stores worldwide.
CISA, FBI, NSA, DOE Warn of Active Attacks on Fuel Tank Monitors
CISA, FBI, NSA, and DOE warned of active attacks on internet-exposed fuel tank monitoring systems via authentication bypass and command injection techniques.
OFAC Sanctions Nobitex, Iran’s Largest Crypto Exchange
OFAC sanctioned Nobitex and three companion Iranian crypto exchanges for facilitating IRGC transactions and converting ransomware proceeds into usable funds.
Burst Statistics CVE-2026-8181 Under Mass Exploitation
CVE-2026-8181 in Burst Statistics for WordPress is under mass exploitation, with Wordfence blocking 7,400 daily attempts against over 200,000 affected sites.
Acer Wave 7 Routers Carry Two Max-Severity Zero-Days
Gergo Pap disclosed CVE-2026-49200 and CVE-2026-49201 in Acer Wave 7 routers, enabling credential theft and backdoor access with no patch until end of month.
Public PoC Released for Cisco Unified CM SSRF Bug
Cisco confirmed public PoC code for CVE-2026-20230, a Unified CM SSRF enabling unauthenticated file writes and potential root access on enterprise systems.
TheGentlemen and Genesis Ransomware Hit Two US Clinics
TheGentlemen ransomware claimed Michigan Surgical Center while Genesis targeted Family Medical Associates of Raleigh, exposing PHI to double-extortion pressure.
CISA Faces $700M More Cuts as Mullin Signals Restructure
DHS Secretary Mullin testified CISA will target 2,800 employees and face 700 million more in budget cuts, with a new Senate-confirmed director to be nominated.
DragonForce and Nitrogen Ransomware Hit Three Continents
DragonForce claimed Lebanon IT firm SETS Solutions and Mexican manufacturer Copamex, while Nitrogen posted U.S. real estate developer Pyramid in parallel.
AI Tool Uncovers Two-Year-Old Redis RCE CVE-2026-23479
Team Xint Code used an AI tool to find CVE-2026-23479, a two-year-old Redis RCE posing high risk in cloud environments where Redis runs without authentication.
CISA to Issue Binding AI Security Directive This Week
CISA will issue a binding directive from the AI executive order, mandating AI vulnerability management rules for all federal civilian executive branch agencies.