Cyber Security
News
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
Mitchell Langley
March 27, 2025
RedCurl, a known cyberespionage group, has deployed QWCrypt ransomware targeting Hyper-V servers, marking a significant shift in their tactics and raising concerns about their motivations.
News
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
Andrew Doyle
March 27, 2025
Garden of Life faces three class-action lawsuits after a data breach exposed customer payment card information, alleging negligence and inadequate data security.
News
NSW Government Website Data Breach With 9,000 Court files
Andrew Doyle
March 27, 2025
major data breach exposed 9,000 sensitive NSW court files. Authorities are investigating, aiming to identify accessed data within a week. Victims are urged to ...
News
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
Mitchell Langley
March 27, 2025
StreamElements confirms a third-party data breach exposing data for 210,000 users, highlighting the risks of relying on external vendors.
News
Oracle Customers Validate Stolen Data from Cloud Server Breach
Andrew Doyle
March 27, 2025
Oracle denies a data breach affecting 6 million users, but independent verification confirms the authenticity of stolen data, contradicting their claims.
News
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
Mitchell Langley
March 26, 2025
A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...
News
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
Mitchell Langley
March 26, 2025
Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.
News
Urgent Security Update: Authentication Bypass Vulnerability in VMware Tools for Windows (CVE-2025-22230)
Andrew Doyle
March 26, 2025
Critical VMware Tools vulnerability (CVE-2025-22230) enables privilege escalation on Windows VMs. Immediate patching is paramount for enterprise security.
News
Numotion Data Breach Impacts Nearly 500,000 Individuals
Andrew Doyle
March 26, 2025
Numotion's latest data breach exposed the personal and health information of nearly 500,000 individuals, following a series of similar incidents, leading to multiple lawsuits.
News
Cloudflare R2 Service Outage: A Case Study in Human Error and System Design
Andrew Doyle
March 26, 2025
Cloudflare's R2 service suffered a 77-minute outage due to a password rotation error, highlighting the risks of human error in cloud infrastructure.
News
Next.js Flaw Allows Unauthorized Access
Mitchell Langley
March 25, 2025
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
News
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
Andrew Doyle
March 25, 2025
A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Cybersecurity
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
Andrew Doyle
March 25, 2025
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and data exfiltration.
News
Astral Foods Cyberattack: R20 Million Profit Plunge
Andrew Doyle
March 25, 2025
Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the incident highlights the need for ...
News
VanHelsing Ransomware Targets Multiple Platforms Including Windows and ESXi Systems
Mitchell Langley
March 25, 2025
The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.
News
INTERPOL Operation Red Card Nets 300 Cybercrime Suspects in Africa
Andrew Doyle
March 25, 2025
INTERPOL's Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices used in various scams.
News
Oracle Cloud Breach Compromises 6 Million Records, Threatening 140,000 Businesses
Mitchell Langley
March 24, 2025
A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, "rose87168," is selling the data and demanding ransoms.
News
NYU Data Breach: Class Action Lawsuit Investigation Underway
Andrew Doyle
March 24, 2025
NYU's March 2025 data breach exposed millions of applicants' personal data, prompting a class action lawsuit investigation. Attorneys seek to recover compensation for affected individuals.
News
Microsoft’s Trusted Signing Service Abused to Code-Sign Malware
Andrew Doyle
March 24, 2025
Microsoft's Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security and appear legitimate. Microsoft is ...
News
Coinbase Targeted in GitHub Actions Breach
Mitchell Langley
March 24, 2025
A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the attack highlights supply chain vulnerabilities.
News
EncryptHub Ransomware and Infostealer Campaign Targets 618 Organizations Globally
Andrew Doyle
February 27, 2025
News
NailaoLocker Ransomware Targets EU Healthcare Sector in a Cyberattack
Mitchell Langley
February 20, 2025
News
Akira Ransomware Attack Targets Defunct Australian Media Company
Andrew Doyle
February 17, 2025
TOP CYBERSECURITY HEADLINES
SECURITYWEEK INDUSTRY EXPERTS
News
RedCurl Cyberespionage Group Deploys Ransomware Targeting Hyper-V
Mitchell Langley
March 27, 2025
News
Garden of Life Faces Three Class-Action Lawsuits Following Data Breach
Andrew Doyle
March 27, 2025
News
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
Mitchell Langley
March 27, 2025
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Feature Videos
- All
- Application Security
- Blog
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Information Security
- Network Security
- News
- Phishing
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Threat Actors
- Threat Detection Tools
- Uncategorized
StreamElements Confirms Third-Party Data Breach Affecting 210,000 Users
March 27, 2025
StreamElements confirms a third-party data breach exposing data for 210,000 users, highlighting the risks of relying on external vendors.
Oracle Customers Validate Stolen Data from Cloud Server Breach
March 27, 2025
Oracle denies a data breach affecting 6 million users, but independent verification confirms the authenticity of stolen data, contradicting their claims.
Urgent Security Update: Authentication Bypass Vulnerability in VMware Tools for Windows (CVE-2025-22230)
March 26, 2025
Critical VMware Tools vulnerability (CVE-2025-22230) enables privilege escalation on Windows VMs. Immediate patching is paramount for enterprise security.
South Carolina Eye Clinic Suffers Data Breach: Ransomware Suspected
March 26, 2025
Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.
Sydney Tools Data Breach Exposes 34 Million+ Customer Orders
March 26, 2025
A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...
Numotion Data Breach Impacts Nearly 500,000 Individuals
March 26, 2025
Numotion's latest data breach exposed the personal and health information of nearly 500,000 individuals, following a series of similar incidents, leading to multiple lawsuits.
Cloudflare R2 Service Outage: A Case Study in Human Error and System Design
March 26, 2025
Cloudflare's R2 service suffered a 77-minute outage due to a password rotation error, highlighting the risks of human error in cloud infrastructure.
Next.js Flaw Allows Unauthorized Access
March 25, 2025
Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.
Ukraine Railway Hit by Cyberattack: Online Systems Disrupted
March 25, 2025
A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.
Chinese Weaver Ant Hackers Spied on Telco Network for Four Years
March 25, 2025
Chinese Weaver Ant hackers infiltrated a telecom network for over four years, using advanced techniques like web shell tunneling and data exfiltration.
Astral Foods Cyberattack: R20 Million Profit Plunge
March 25, 2025
Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the incident highlights the need for ...
VanHelsing Ransomware Targets Multiple Platforms Including Windows and ESXi Systems
March 25, 2025
The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.
INTERPOL Operation Red Card Nets 300 Cybercrime Suspects in Africa
March 25, 2025
INTERPOL's Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices used in various scams.
Oracle Cloud Breach Compromises 6 Million Records, Threatening 140,000 Businesses
March 24, 2025
A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, "rose87168," is selling the data and demanding ransoms.
NYU Data Breach: Class Action Lawsuit Investigation Underway
March 24, 2025
NYU's March 2025 data breach exposed millions of applicants' personal data, prompting a class action lawsuit investigation. Attorneys seek to recover compensation for affected individuals.
Microsoft’s Trusted Signing Service Abused to Code-Sign Malware
March 24, 2025
Microsoft's Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security and appear legitimate. Microsoft is ...
10 Key Benefits of Cyber Tabletop Exercises
March 24, 2025
Regular cybersecurity tabletop exercises are crucial for identifying weaknesses and strengthening your defenses. This blog explores the ten major advantages of incorporating these simulations into ...
Coinbase Targeted in GitHub Actions Breach
March 24, 2025
A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the attack highlights supply chain vulnerabilities.
CISA Says NAKIVO Backup Flaw is Actively Exploited in Attacks
March 21, 2025
CISA warns of a critical NAKIVO backup flaw, CVE-2024-48248, allowing unauthorized file access, urging organizations to patch systems promptly.
GitHub Supply Chain Attack Exposes Secrets in 218 Repositories
March 21, 2025
A GitHub Action supply chain attack exposed secrets from 218 repositories due to malicious code in tj-actions/changed-files, impacting popular projects and potentially causing further supply ...