Cyber Security
Cybersecurity
North Korea’s Covert IT Workforce Exposed: Unmasking the Chollima Scheme
A joint investigation by BCA LTD, NorthScan, and ANY.RUN reveals North Korea's persistent infiltration scheme. The study exposes remote IT workers linked to the Lazarus ...
Cybersecurity
FTC Targets EdTech Giant Illuminate After Data Breach Exposes 10 Million Students
The Federal Trade Commission proposed significant actions against Illuminate Education following a 2021 incident that compromised data of 10 million students. The firm's measures raise ...
Cybersecurity
Cybersecurity Incident at Three-Council: Data Breach Adds Complexity
Kensington and Chelsea Council acknowledges a data breach as their IT system experiences disruption during a cyber incident. Historical data was accessed and copied, escalating ...
Cybersecurity
GlassWorm Supply Chain Attack Compromises Developer Tools
The GlassWorm supply chain attack returns, infiltrating Microsoft Visual Studio Marketplace and Open VSX with 24 extensions that impersonate popular developer frameworks such as Flutter, ...
Cybersecurity
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
Shai-Hulud's second attack compromised NPM packages, exposing 400,000 secrets. The breach affected thousands of GitHub repositories and underlines vulnerabilities inherent in open-source software supply chains.
Application Security
Microsoft Investigates Defender XDR Portal Access Disruptions
Microsoft faces a challenge as users report limited access to the Defender XDR portal. For over 10 hours, customers have experienced obstacles accessing key features, ...
Cybersecurity
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
The University of Pennsylvania recently disclosed a data breach affecting over 1,400 individuals. Attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, linked to the ...
Cybersecurity
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Zafran Security, a cybersecurity startup, has raised $60 million in Series C funding to enhance product innovation and global reach. This development marks a significant ...
Cybersecurity
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity experts are on high alert with the emergence of Albiriox, an Android banking trojan sold for $720 monthly. This new threat from Russian cybercriminals ...
Cybersecurity
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Cybersecurity
Young Cybercriminals: Rebels Without a Cause in the Digital World
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
Cybersecurity
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
Application Security
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
Cybersecurity
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
Data Security
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Application Security
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
Application Security
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
India's telecommunications ministry is mandating the preloading of the Sanchar Saathi cybersecurity app on new mobile devices. The app, designed to enhance user safety, is ...
Application Security
Microsoft Tackles Excel Attachment Issue in New Outlook Client
Microsoft is aware of and addressing an issue that hinders some users from opening Excel email attachments in the updated Outlook client. The issue can ...
CVE Vulnerability Alerts
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
CISA updates its Known Exploited Vulnerabilities (KEV) catalog with CVE-2021-26829, a security flaw impacting OpenPLC ScadaBR, used in industrial control systems.
Cybersecurity
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OpenAI begins testing advertisements within its ChatGPT platform, exploring new monetization avenues. This initiative may significantly influence the web economy, raising questions about user data ...
TOP CYBERSECURITY HEADLINES
Application Security
Microsoft Investigates Defender XDR Portal Access Disruptions
This Week’s Security Spotlight
Application Security
New Microsoft Teams Guest Access Flaw Bypasses Defender Protections
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
GlassWorm Supply Chain Attack Compromises Developer Tools
The GlassWorm supply chain attack returns, infiltrating Microsoft Visual Studio Marketplace and Open VSX with 24 extensions that impersonate popular developer frameworks such as Flutter, ...
Shai-Hulud Strikes Again: Massive Data Exposure from NPM Attack
Shai-Hulud's second attack compromised NPM packages, exposing 400,000 secrets. The breach affected thousands of GitHub repositories and underlines vulnerabilities inherent in open-source software supply chains.
Microsoft Investigates Defender XDR Portal Access Disruptions
Microsoft faces a challenge as users report limited access to the Defender XDR portal. For over 10 hours, customers have experienced obstacles accessing key features, ...
University of Pennsylvania Data Breach: Clop’s Zero-Day Exploit Targets Oracle’s E-Business Suite
The University of Pennsylvania recently disclosed a data breach affecting over 1,400 individuals. Attackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, linked to the ...
Zafran Security Accelerates Global Expansion with $60 Million Series C Funding
Zafran Security, a cybersecurity startup, has raised $60 million in Series C funding to enhance product innovation and global reach. This development marks a significant ...
Albiriox Banking Trojan Poses New Threat to Android Devices
Cybersecurity experts are on high alert with the emergence of Albiriox, an Android banking trojan sold for $720 monthly. This new threat from Russian cybercriminals ...
Hackers Exploit Hiring Processes With Deepfakes and Fake Resumes
Cybercriminals are increasingly using sophisticated techniques such as deepfakes, fake resumes, and stolen identities to penetrate corporate hiring processes. Strengthening vetting and access controls can ...
Young Cybercriminals: Rebels Without a Cause in the Digital World
Emerging data reveals most young cybercriminals outgrow illicit activities by age 20. This shift signals their maturation process beyond digital crime, although a few remain ...
$29 Million in Bitcoin Seized from Cryptomixer: Implications for Cybercrime
In a sweeping international effort, authorities targeted cryptomixer services for aiding in cybercriminal activities. Operation Olympia led to a significant Bitcoin haul.
ShadyPanda Malware Exploits Browser Extensions for Mass Infiltration
ShadyPanda malware campaign has quietly infiltrated over 4.3 million installations of Chrome and Edge browser extensions. It deceived users by masquerading as legitimate tools, allowing ...
SmartTube YouTube Client for Android TV Compromised in Malicious Update Incident
The open-source SmartTube client for Android TV faced a security breach after an attacker accessed the developer's signing keys. This led to the distribution of ...
South Korea’s Coupang Faces Data Breach Impacting Millions: Implications for The Retail Giant
Coupang, a leading retailer in South Korea, has confirmed a data breach compromising the personal information of 33.7 million customers. This major incident raises significant ...
Seven-Year Browser Extension Campaign Poses Significant Threat to Users
A seven-year campaign has infected 4.3 million users with malware through browser extensions. Despite warnings, some extensions persist in the Microsoft Edge store, continuing to ...
India’s Telecommunications Ministry Mandates Preloaded Cybersecurity App
India's telecommunications ministry is mandating the preloading of the Sanchar Saathi cybersecurity app on new mobile devices. The app, designed to enhance user safety, is ...
Microsoft Tackles Excel Attachment Issue in New Outlook Client
Microsoft is aware of and addressing an issue that hinders some users from opening Excel email attachments in the updated Outlook client. The issue can ...
CISA Updates KEV Catalog to Include OpenPLC ScadaBR Vulnerability
CISA updates its Known Exploited Vulnerabilities (KEV) catalog with CVE-2021-26829, a security flaw impacting OpenPLC ScadaBR, used in industrial control systems.
OpenAI’s Ad Experiment Sparks Debate on AI, Privacy, and Monetization
OpenAI begins testing advertisements within its ChatGPT platform, exploring new monetization avenues. This initiative may significantly influence the web economy, raising questions about user data ...
OBR Launches Investigation After Budget Forecast Leak
The Office for Budget Responsibility (OBR) has enlisted Ciaran Martin, ex-chief of the National Cyber Security Centre (NCSC), to investigate how its Budget day forecast ...
Man Sentenced for Running “Evil Twin” Network at Australian Airports
A 44-year-old man was sentenced in Australia to over seven years in prison for creating an "evil twin" WiFi network to steal data from travelers ...
French Football Federation Data Breach Exposes Administrative Management Software
The French Football Federation confirmed a cybersecurity breach after attackers accessed its administrative management software. The breach involved unauthorized access through a compromised account, potentially ...