Cyber Security
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Microsoft's June Patch Tuesday closes the actively exploited Exchange Server CVE-2026-42897 and sets a 17-day countdown to a critical Secure Boot deadline.
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Check Point disclosed CVE-2026-50751, a critical VPN authentication bypass exploited by Qilin ransomware for five weeks, and released an emergency hotfix.
Application Security
WhatsApp Files Contempt Motion Over New NSO Group Spyware Activity
WhatsApp detected new NSO Group activity violating a permanent court injunction and filed a federal contempt motion against the Israeli surveillance firm.
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach notification exposure.
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with a public Metasploit exploit.
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and a commercial printer.
Blog
What Is Dropper Malware and How Does It Evade Detection
Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe
South Korea's largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.
Application Security
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Depthfirst's autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a 183-byte packet.
Application Security
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating systems and browsers.
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
CVE Vulnerability Alerts
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS attack methods.
Cybersecurity
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
ShinyHunters published 234 GB of DentaQuest healthcare records for 2.6 million patients after ransom talks failed, exposing Medicaid IDs and enrollment data.
Cybersecurity
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Play, Genesis, Nova, Incransom, Blackwater, and Krybit each posted victims on the same day, spanning automotive, dental, higher education, travel, and retail.
Cybersecurity
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
Payload ransomware posted Plaza Lama, Hansoll Textile, and Villea Hotels on its Tor leak site, targeting the Dominican Republic, Vietnam, and Malaysia.
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
Application Security
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access via MSP compromise.
Cybersecurity
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
CoinbaseCartel posted Cambridge Mobile Telematics on its dark web leak site, threatening to expose driving behavior data for millions of insured drivers.
Cybersecurity
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
Anubis ransomware used its WIPEMODE against a US estate law firm and UK contractor; Nova claimed an Indian hospital and Securotrop hit Kriete Truck Centers.
Blog
DNS Tunneling: How Attacks Work, Detection, and Prevention
DNS tunneling hides malicious traffic inside DNS queries to evade firewalls. Learn how attacks work, how to detect them, and how to stop them.
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
TOP CYBERSECURITY HEADLINES
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe
This Week’s Security Spotlight
Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
TheGentlemen ransomware posted 12 victims across 8 countries in one day, including two healthcare providers with HIPAA and NHS breach notification exposure.
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Gogs version 0.14.3 patches a critical CVSSv4 9.4 RCE zero-day that had exposed 2,300 internet-facing servers for ten days with a public Metasploit exploit.
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Akira, Qilin, and Nightspire claimed four victims including a port trade association, a German security firm, a youth nonprofit, and a commercial printer.
What Is Dropper Malware and How Does It Evade Detection
Dropper malware secretly installs payloads while evading detection. Learn how droppers work, evasion techniques, and endpoint defense strategies.
TVING Data Breach Triggers South Korean Government Probe
South Korea's largest streaming platform TVING suffered a data breach exposing user IDs, contact details, and encrypted national ID-derived identifiers.
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Depthfirst's autonomous AI security agent spent $1,000 to find 21 zero-days in FFmpeg, including an unauthenticated RCE triggered by a 183-byte packet.
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Anthropic has deployed six engineers inside NSA to operate Mythos, an AI reported capable of zero-day exploitation across major operating systems and browsers.
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Researcher Taylor Hornby used Claude Opus 4.8 to uncover a four-year-old Zcash Orchard flaw that could have enabled undetectable counterfeit ZEC creation.
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
Fortinet researchers found C0XMO, a Gafgyt variant exploiting CVE-2021-27137 in DD-WRT routers, that kills rival botnets and supports 19 DDoS attack methods.
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
ShinyHunters published 234 GB of DentaQuest healthcare records for 2.6 million patients after ransom talks failed, exposing Medicaid IDs and enrollment data.
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Play, Genesis, Nova, Incransom, Blackwater, and Krybit each posted victims on the same day, spanning automotive, dental, higher education, travel, and retail.
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
Payload ransomware posted Plaza Lama, Hansoll Textile, and Villea Hotels on its Tor leak site, targeting the Dominican Republic, Vietnam, and Malaysia.
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
SolarWinds patches actively exploited Serv-U DoS bug CVE-2026-28318 while CISA adds it to the KEV catalog and orders remediation at federal civilian agencies.
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
Volexity found Chinese APT VerdantBamboo used new PLENET and AGENTPSD malware to maintain 18 months of undetected Microsoft 365 access via MSP compromise.
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
CoinbaseCartel posted Cambridge Mobile Telematics on its dark web leak site, threatening to expose driving behavior data for millions of insured drivers.
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
Anubis ransomware used its WIPEMODE against a US estate law firm and UK contractor; Nova claimed an Indian hospital and Securotrop hit Kriete Truck Centers.
DNS Tunneling: How Attacks Work, Detection, and Prevention
DNS tunneling hides malicious traffic inside DNS queries to evade firewalls. Learn how attacks work, how to detect them, and how to stop them.
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Cisco disclosed CVE-2026-20245, a command injection zero-day in Catalyst SD-WAN Manager enabling root access via file upload, with no patch available.
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
Five Eyes agencies warn Chinese military intelligence is using fake job listings on LinkedIn to recruit government and military insiders for espionage.
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
JFrog researchers discovered IronWorm, a Rust-based infostealer with an eBPF rootkit, injected into 36 npm packages to steal AI API keys and self-propagate.