Cyber Security
Cybersecurity
EtherRAT Malware Implant Utilizes Linux Persistence Mechanisms in React2Shell Attack
EtherRAT, a new malware implant, is linked to the recent React2Shell cyberattack, exploiting Linux persistence methods and utilizing Ethereum smart contracts for control.
Cybersecurity
OpenAI Responds to ChatGPT Plus Subscription Controversy Over Ads
ChatGPT Plus users have raised concerns about perceived advertisements. OpenAI defends its approach, clarifying these are app recommendations, not ads.
Cybersecurity
Portugal Establishes Legal Safe Harbor for Ethical Hackers
Portugal reforms cybercrime law, creating a legal safe harbor for ethical hackers engaged in good-faith security research. This landmark amendment aims to address the growing ...
Cybersecurity
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
Security researcher Lyra Rebane reveals a new clickjacking attack method leveraging SVG and CSS. This tactic bypasses traditional defense approaches, demanding updated security measures. Professionals ...
Application Security
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
In an alarming revelation, over 30 security vulnerabilities in AI-powered Integrated Development Environments (IDEs) have been uncovered, potentially impacting countless developers. The collective vulnerabilities have ...
CVE Vulnerability Alerts
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a serious flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog. ...
CVE Vulnerability Alerts
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
Over 77,000 Internet-exposed IP addresses are endangered by the critical React2Shell vulnerability, CVE-2025-55182. Attackers have already compromised over 30 organizations, spanning diverse industry sectors. This ...
Cybersecurity
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Criminals are exploiting social media images, altering them for use in virtual kidnapping and extortion scams. The FBI warns the public about these deceptive practices ...
CVE Vulnerability Alerts
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
Apache Tika users face critical risks due to a severe vulnerability allowing XML external entity (XXE) attacks. With a CVSS score of 10.0, the flaw ...
Endpoint Security
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
A sophisticated hacking campaign launched on December 2, 2025, is targeting Palo Alto's GlobalProtect portals and SonicWall's SonicOS API endpoints. Involving over 7,000 IPs linked ...
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
ASUS has verified a disruption resulting from a third-party breach. The Everest ransomware group has claimed responsibility, asserting they compromised companies like ASUS, ArcSoft, and ...
Cybersecurity
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
In a surprising turn, the Indian government has withdrawn its directive for smartphone manufacturers to preinstall the “Sanchar Saathi” app. This move follows privacy concerns ...
Cybersecurity
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Two brothers in Virginia are accused of conspiring to steal sensitive information and destroy government databases post-termination from their roles as federal contractors. The charges, ...
Cybersecurity
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Russian agency Roskomnadzor has blocked access to Apple's FaceTime and Snapchat, alleging their use to coordinate terrorism. Experts suggest this move affects digital communication and ...
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
Inotiv, a major research organization, disclosed a ransomware attack that exposed personal, financial, and medical information of over 9,500 individuals. The breach underscores the persistent ...
Cybersecurity
Agentic Security Fortifies Its Position with $130 Million Funding Round
Agentic Security has secured a substantial $130 million in funding, underscoring the growing demand for innovative cybersecurity solutions. The new capital aims to bolster the ...
Cybersecurity
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Porsche cars in several Russian cities experienced engine shutdowns after the failure of the satellite security system, leaving owners and dealers scrambling for solutions. The ...
Cybersecurity
Hackers Breach Marquis: A Fintech Data Nightmare
In a critical security breach, hackers infiltrated Marquis, a fintech firm, compromising personal and financial data of more than 780,000 individuals. The data breach highlights ...
Cybersecurity
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Twin brothers, already known for hacking offenses, used remaining access to federal databases to erase nearly 100 systems via AI soon after being terminated. This ...
Application Security
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to network defenders concerning Chinese threat actors using Brickstorm malware to compromise VMware vSphere ...
Data Security
Inotiv Reports Massive Data Breach Impacting Thousands
TOP CYBERSECURITY HEADLINES
Application Security
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
CVE Vulnerability Alerts
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
CVE Vulnerability Alerts
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
This Week’s Security Spotlight
Endpoint Security
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
CVE Vulnerability Alerts
React Server Components’ Security Flaw Risks Unauthenticated Remote Code Execution
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Clickjacking Tactics Exploit SVG and CSS: Understanding the New Threat
Security researcher Lyra Rebane reveals a new clickjacking attack method leveraging SVG and CSS. This tactic bypasses traditional defense approaches, demanding updated security measures. Professionals ...
IDEsaster: Uncovering Security Flaws in AI-Powered IDEs
In an alarming revelation, over 30 security vulnerabilities in AI-powered Integrated Development Environments (IDEs) have been uncovered, potentially impacting countless developers. The collective vulnerabilities have ...
Critical RSC Vulnerability Added to CISA’s KEV Catalog Due to Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a serious flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog. ...
React2Shell Vulnerability Exposes Over 77,000 IPs Worldwide
Over 77,000 Internet-exposed IP addresses are endangered by the critical React2Shell vulnerability, CVE-2025-55182. Attackers have already compromised over 30 organizations, spanning diverse industry sectors. This ...
FBI Warns of Social Media Images Exploited for Virtual Kidnapping Scams
Criminals are exploiting social media images, altering them for use in virtual kidnapping and extortion scams. The FBI warns the public about these deceptive practices ...
Apache Tika Vulnerability CVE-2025-66516 Exposes Systems to Critical Risks
Apache Tika users face critical risks due to a severe vulnerability allowing XML external entity (XXE) attacks. With a CVSS score of 10.0, the flaw ...
GlobalProtect Logins and SonicWall APIs Come Under Fire from Hacking Campaign
A sophisticated hacking campaign launched on December 2, 2025, is targeting Palo Alto's GlobalProtect portals and SonicWall's SonicOS API endpoints. Involving over 7,000 IPs linked ...
ASUS Confirms Third-party Breach as Everest Ransomware Group Strikes
ASUS has verified a disruption resulting from a third-party breach. The Everest ransomware group has claimed responsibility, asserting they compromised companies like ASUS, ArcSoft, and ...
India Reverses Decision on Mandating Preinstalled Cybersecurity App on Smartphones
In a surprising turn, the Indian government has withdrawn its directive for smartphone manufacturers to preinstall the “Sanchar Saathi” app. This move follows privacy concerns ...
Virginia Brothers Face Conspiracy Charges Over Alleged Data Theft and Database Destruction
Two brothers in Virginia are accused of conspiring to steal sensitive information and destroy government databases post-termination from their roles as federal contractors. The charges, ...
Russia Orders Block on FaceTime and Snapchat Amid Security Concerns
Russian agency Roskomnadzor has blocked access to Apple's FaceTime and Snapchat, alleging their use to coordinate terrorism. Experts suggest this move affects digital communication and ...
Inotiv Reports Massive Data Breach Impacting Thousands
Inotiv, a major research organization, disclosed a ransomware attack that exposed personal, financial, and medical information of over 9,500 individuals. The breach underscores the persistent ...
Agentic Security Fortifies Its Position with $130 Million Funding Round
Agentic Security has secured a substantial $130 million in funding, underscoring the growing demand for innovative cybersecurity solutions. The new capital aims to bolster the ...
Porsche Owners in Russia Face Unexpected Disruption: Satellite Security System Malfunction
Porsche cars in several Russian cities experienced engine shutdowns after the failure of the satellite security system, leaving owners and dealers scrambling for solutions. The ...
Hackers Breach Marquis: A Fintech Data Nightmare
In a critical security breach, hackers infiltrated Marquis, a fintech firm, compromising personal and financial data of more than 780,000 individuals. The data breach highlights ...
AI Used to Delete Government Databases in Breach of Cybersecurity Protocols
Twin brothers, already known for hacking offenses, used remaining access to federal databases to erase nearly 100 systems via AI soon after being terminated. This ...
Chinese Hackers Exploit VMware vSphere with Brickstorm Malware: CISA’s Critical Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to network defenders concerning Chinese threat actors using Brickstorm malware to compromise VMware vSphere ...
Silver Fox Impersonates Russian Hackers in Tactical SEO Poisoning Campaign
Silver Fox orchestrates deceptive tactics by emulating a Russian hacking group in an SEO poisoning campaign, targeting Chinese organizations. Utilizing Microsoft Teams lures, the campaign ...
Intellexa’s Predator Spyware Exploits Zero-click ‘Aladdin’ Mechanism in Targeted Attacks
Intellexa's Predator spyware employs a zero-click infection method named 'Aladdin,' allowing malware to spread via malicious ads. The sophistication of this method underscores the evolving ...
DragonForce Ransomware: A New Collaboration in Cybercrime
The combined force of DragonForce and English-speaking hackers brings sophisticated social engineering to ransomware attacks. Discover the advancement and implication of this collaboration in the ...