Main Menu
Cyber Security
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
RondoDox Botnet Exploits Critical Eval Injection Flaw in XWiki
Critical Remote Code Execution Flaws Found in AI Inference Engines Due to Unsafe Deserialization
Fortinet Quietly Patches FortiWeb Zero-Day Vulnerability Exploited in Active Attacks
Threat Group ShinyHunters Hacks Checkout.com, Demands Ransom Over Legacy Cloud Breach
Australia Warns of Chinese Cyber Probing Into Critical Infrastructure
Amazon Identifies Massive NPM Package Flooding Attack as Token-Farming Campaign
Logitech Confirms Data Breach After Clop Ransomware Attacks Oracle Systems
U.S. DOJ Secures Guilty Pleas in North Korea IT Worker and Crypto Fraud Case
CISA Warns of Akira Ransomware Targeting Nutanix AHV Virtual Machines
DoorDash Discloses October Cybersecurity Breach Exposing User Contact Information
IndonesianFoods Worm Overwhelms npm With 100,000 Auto-Generated Packages
Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts
ASUS Patches Critical Authentication Bypass Vulnerability in DSL Series Routers
Microsoft Adds False-Positive Reporting to Teams Security Alerts
Application Security
Microsoft Adds False-Positive Reporting to Teams Security Alerts
Mitchell Langley November 19, 2025
Microsoft is adding a false-positive reporting feature to Teams, allowing users to flag messages incorrectly quarantined by Defender for Office 365. The feedback will help ...
Microsoft to Integrate Sysmon Natively into Windows 11 and Server 2025
Application Security
Microsoft to Integrate Sysmon Natively into Windows 11 and Server 2025
Andrew Doyle November 19, 2025
Microsoft is bringing one of its most widely-used threat detection tools, Sysmon (System Monitor), into the Windows operating system itself—removing ...
U.S. Cyber Chief Signals More Offensive Operations, But Keeps Timeline Secret
Cybersecurity
U.S. Cyber Chief Signals More Offensive Operations, But Keeps Timeline Secret
Mitchell Langley November 19, 2025
The U.S. is preparing to expand offensive cyber operations in response to escalating nation-state attacks, according to National Cyber Director Sean Cairncross. While timelines remain ...
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Application Security
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Gabby Lee November 19, 2025
Microsoft is introducing two new Windows 11 recovery tools—Point-in-Time Restore and Cloud Rebuild—to help enterprises quickly recover from misconfigurations, faulty updates, or system failures. The ...
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
News
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Gabby Lee November 19, 2025
The Sneaky 2FA phishing platform now incorporates Browser-in-the-Browser deception, enabling attackers to convincingly mimic legitimate login windows and harvest credentials and MFA codes. This upgrade ...
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cybersecurity
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Mitchell Langley November 19, 2025
The FCC is preparing to vote on rolling back cybersecurity rules imposed after the Salt Typhoon espionage campaign, following heavy telecom industry pushback. Carriers argue ...
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Network Security
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Andrew Doyle November 18, 2025
A configuration error at Cloudflare on November 18 caused a major global outage affecting ChatGPT, Shopify, X, and multiple public-sector sites. Though resolved within an ...
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
News
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
Gabby Lee November 18, 2025
MI5 warns that Chinese intelligence operatives are using LinkedIn and fake recruiters to target UK professionals with access to sensitive information. Thousands have reportedly been ...
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Cybersecurity
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Andrew Doyle November 18, 2025
A ransomware attack by the Inc Ransom group has hit the Pennsylvania Office of the Attorney General, with attackers claiming to have stolen over 700GB ...
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Endpoint Security
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Mitchell Langley November 18, 2025
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and turning them into a self-spreading ...
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
Cybersecurity
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
Gabby Lee November 18, 2025
A new wave of attacks is compromising unsecured Ray clusters and turning them into self-replicating botnets. By abusing exposed Ray endpoints, attackers deploy malware that ...
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Cybersecurity
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Mitchell Langley November 18, 2025
A malware campaign tied to the EVALUSION threat cluster is abusing fake ClickFix utilities to deploy Amatera Stealer or NetSupport RAT. The attackers use staged ...
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Information Security
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Mitchell Langley November 18, 2025
Government auditors warn that DoD personnel may be unintentionally leaking sensitive details on social media, including deployment data and unit locations. Outdated policies, weak training, ...
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Data Security
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Gabby Lee November 18, 2025
Eurofiber France disclosed a breach caused by a vulnerability in its ticketing system, allowing attackers to access historical support records containing contact details and service ...
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Information Security
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Andrew Doyle November 17, 2025
A researcher claims Coinbase knew months earlier about a December 2024 breach involving insider social-engineering that exposed data for nearly 70,000 users. Coinbase later confirmed ...
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Data Security
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Mitchell Langley November 17, 2025
A cyberattack on Princeton University exposed a database containing personal and institutional information tied to alumni, donors, faculty, staff, and students. Princeton is investigating with ...
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
News
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Mitchell Langley November 17, 2025
Dutch authorities have seized roughly 250 servers tied to a bulletproof hosting service that catered exclusively to cybercriminals, disrupting infrastructure used for malware, phishing, and ...
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Cybersecurity
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Gabby Lee November 17, 2025
Seven malicious npm packages used Adspect-based traffic cloaking to avoid detection and selectively deliver staged JavaScript payloads to targeted developers. The packages acted as downloaders ...
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
Application Security
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
Andrew Doyle November 17, 2025
A record-breaking 15.72 Tbps DDoS attack from the Aisuru botnet targeted Microsoft Azure, showcasing rapidly evolving botnet capabilities. Despite the massive, multi-vector assault, Azure’s automated ...
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Application Security
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Andrew Doyle November 17, 2025
Researchers uncovered serious flaws in GoSign Desktop, where disabled TLS certificate validation and an unsigned update mechanism expose users to MitM attacks and malicious updates. ...
Microsoft Adds False-Positive Reporting to Teams Security Alerts
Application Security
Microsoft Adds False-Positive Reporting to Teams Security Alerts
Mitchell Langley November 19, 2025
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Data Security
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Gabby Lee November 18, 2025
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Cybersecurity
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
Andrew Doyle November 18, 2025
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Cybersecurity
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Mitchell Langley November 18, 2025

TOP CYBERSECURITY HEADLINES

Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Application Security
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
News
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cybersecurity
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Network Security
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack

This Week’s Security Spotlight

Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Network Security
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Andrew Doyle November 18, 2025
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
News
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
Gabby Lee November 18, 2025
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Information Security
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Mitchell Langley November 18, 2025
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
Application Security
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
Gabby Lee November 17, 2025
More In News
Trending
Google Sues Chinese Cybercriminal Group Behind Massive “Lighthouse” Smishing Campaign
LinkedIn Becomes a Launchpad for Phishing Campaigns Targeting Executives
Route Redirect Automates Large-Scale Microsoft 365 Phishing
Swiss Cybersecurity Agency Warns of Phishing Scam Targeting Apple ID Credentials

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Microsoft Adds False-Positive Reporting to Teams Security Alerts
Application Security
Microsoft Adds False-Positive Reporting to Teams Security Alerts
November 19, 2025
Microsoft to Integrate Sysmon Natively into Windows 11 and Server 2025
Application Security
Microsoft to Integrate Sysmon Natively into Windows 11 and Server 2025
November 19, 2025
U.S. Cyber Chief Signals More Offensive Operations, But Keeps Timeline Secret
Cybersecurity
U.S. Cyber Chief Signals More Offensive Operations, But Keeps Timeline Secret
November 19, 2025
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Application Security
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
November 19, 2025
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cybersecurity
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
November 19, 2025
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
Network Security
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
November 18, 2025
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
November 19, 2025
Microsoft is introducing two new Windows 11 recovery tools—Point-in-Time Restore and Cloud Rebuild—to help enterprises quickly recover from misconfigurations, faulty updates, or system failures. The ...
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
November 19, 2025
The Sneaky 2FA phishing platform now incorporates Browser-in-the-Browser deception, enabling attackers to convincingly mimic legitimate login windows and harvest credentials and MFA codes. This upgrade ...
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
November 19, 2025
The FCC is preparing to vote on rolling back cybersecurity rules imposed after the Salt Typhoon espionage campaign, following heavy telecom industry pushback. Carriers argue ...
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
November 18, 2025
A configuration error at Cloudflare on November 18 caused a major global outage affecting ChatGPT, Shopify, X, and multiple public-sector sites. Though resolved within an ...
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
November 18, 2025
MI5 warns that Chinese intelligence operatives are using LinkedIn and fake recruiters to target UK professionals with access to sensitive information. Thousands have reportedly been ...
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
November 18, 2025
A ransomware attack by the Inc Ransom group has hit the Pennsylvania Office of the Attorney General, with attackers claiming to have stolen over 700GB ...
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
November 18, 2025
ShadowRay 2.0 is exploiting an unauthenticated RCE flaw in older Ray Cluster deployments, infecting more than 5,000 exposed nodes and turning them into a self-spreading ...
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
November 18, 2025
A new wave of attacks is compromising unsecured Ray clusters and turning them into self-replicating botnets. By abusing exposed Ray endpoints, attackers deploy malware that ...
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
November 18, 2025
A malware campaign tied to the EVALUSION threat cluster is abusing fake ClickFix utilities to deploy Amatera Stealer or NetSupport RAT. The attackers use staged ...
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
November 18, 2025
Government auditors warn that DoD personnel may be unintentionally leaking sensitive details on social media, including deployment data and unit locations. Outdated policies, weak training, ...
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
November 18, 2025
Eurofiber France disclosed a breach caused by a vulnerability in its ticketing system, allowing attackers to access historical support records containing contact details and service ...
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
November 17, 2025
A researcher claims Coinbase knew months earlier about a December 2024 breach involving insider social-engineering that exposed data for nearly 70,000 users. Coinbase later confirmed ...
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
November 17, 2025
A cyberattack on Princeton University exposed a database containing personal and institutional information tied to alumni, donors, faculty, staff, and students. Princeton is investigating with ...
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
November 17, 2025
Dutch authorities have seized roughly 250 servers tied to a bulletproof hosting service that catered exclusively to cybercriminals, disrupting infrastructure used for malware, phishing, and ...
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
November 17, 2025
Seven malicious npm packages used Adspect-based traffic cloaking to avoid detection and selectively deliver staged JavaScript payloads to targeted developers. The packages acted as downloaders ...
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
November 17, 2025
A record-breaking 15.72 Tbps DDoS attack from the Aisuru botnet targeted Microsoft Azure, showcasing rapidly evolving botnet capabilities. Despite the massive, multi-vector assault, Azure’s automated ...
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
November 17, 2025
Researchers uncovered serious flaws in GoSign Desktop, where disabled TLS certificate validation and an unsigned update mechanism expose users to MitM attacks and malicious updates. ...
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
November 17, 2025
Researchers have uncovered cybercriminals abusing the long-abandoned UNIX “finger” protocol to stealthily fetch and execute commands on Windows systems. By using this legacy tool for ...
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
November 17, 2025
Jaguar Land Rover revealed that a major cyberattack caused £196 million in losses this quarter, significantly impacting operations despite otherwise strong performance. The incident, linked ...
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices
November 17, 2025
Microsoft is investigating installation failures affecting the Windows 10 KB5068781 ESU update, with error 0x800f0922 impacting volume-licensed enterprise systems. The issue leaves legacy environments temporarily ...
Microsoft Unveils Windows 11 Recovery Tools to Reduce Downtime and Data Loss
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
FCC Reconsiders Biden-Era Cybersecurity Rules After Industry Pushback
Cloudflare Outage Causes Global Disruptions but Rules Out Cyberattack
MI5 Warns of Chinese Espionage Campaign Exploiting LinkedIn for Intelligence Gathering
Pennsylvania Attorney General’s Office Confirms Data Breach After Ransomware Attack
ShadowRay 2.0 Botnet Campaign Exploits Ray Clusters for Cryptomining
Attackers Exploit Open Source AI Framework Ray to Build Self-Replicating Botnet
EVALUSION Threat Cluster Uses Fake ClickFix Tools to Push Dual Malware Payloads
Pentagon Auditors Warn That Social Media Oversharing Poses Operational Security Risk
Eurofiber France Breach Exposes Customer Data via Ticket System Exploit
Coinbase Under Fire for Alleged Delay in Disclosing Customer Data Breach
Princeton University Data Breach Exposes Sensitive Information in Cyberattack
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Malicious NPM Packages Use Adspect Cloaking to Evade Researchers and Target Victims
Azure Faces Record-Breaking 15.72 Tbps DDoS Attack by Aisuru Botnet
GoSign Desktop Vulnerability Exposes Users to Man-in-the-Middle and Supply Chain Attacks
Threat Actors Revive Legacy “Finger” Protocol to Evade Detection and Deliver Payloads
Jaguar Land Rover Attributes £196 Million Quarterly Loss to Cyberattack Fallout
Microsoft Confirms KB5068781 Update Errors Impacting Windows 10 Devices